2025-10-20 17:12:21.507 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "9e5ffb72c4b6cb02a5e2901c172970f2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-20 17:12:21.508 [115003] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-20 17:12:21.508 [115003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-20 17:12:21.667 [115003] info client.cpp::syncExclusions Updated exclusions: nebula-1760994741
2025-10-20 17:12:21.667 [115003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1760994741
2025-10-20 17:12:21.667 [115003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-20 17:12:21.667 [115003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-20 17:12:21.668 [115003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-20 17:29:59.275 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-20 17:29:59.358 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-20 17:52:28.316 [115003] info client.cpp::sync Command received : event.policy.refresh
2025-10-20 17:52:28.437 [115003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-20 17:52:28.437 [115003] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-20 17:52:29.451 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "a05433efb586a84c192e1fa9188ae705:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-20 17:52:29.451 [115003] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-20 17:52:29.451 [115003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-20 17:52:29.595 [115003] info client.cpp::syncExclusions Updated exclusions: nebula-1760997149
2025-10-20 17:52:29.595 [115003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1760997149
2025-10-20 17:52:29.595 [115003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-20 17:52:29.596 [115003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-20 17:52:29.596 [115003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-20 18:47:23.359 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-20 18:47:23.448 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-20 20:46:11.449 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-20 20:46:11.538 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-20 21:51:15.777 [115001] info sirius.cpp::downloadUpdates checking for new updates
2025-10-20 21:51:15.951 [115001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-20 21:51:15.951 [115001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-20 21:51:16.282 [115001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-20 21:51:16.358 [115001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104077
2025-10-20 21:51:17.444 [115001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104077
2025-10-20 21:51:17.444 [115001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104077
2025-10-20 21:51:17.480 [115005] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-20 21:51:17.544 [115005] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-20 21:51:17.586 [115001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-20 21:51:17.588 [115005] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-20 21:51:17.804 [115001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-20 21:51:17.804 [115001] info sirius.cpp::downloadUpdates checking for new updates
2025-10-20 21:51:17.952 [115001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-20 21:51:18.016 [115001] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-20 21:51:18.063 [115001] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-20 21:51:18.940 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "a05433efb586a84c192e1fa9188ae705:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-20 21:51:22.958 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "a05433efb586a84c192e1fa9188ae705:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-20 22:30:35.539 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-20 22:30:35.619 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-20 22:59:48.204 [115003] info client.cpp::sync Command received : event.policy.refresh
2025-10-20 22:59:48.310 [115003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-20 22:59:48.310 [115003] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-20 22:59:49.324 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "05d1a1492ed355e5b08dc1f52b1d14d7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-20 22:59:49.324 [115003] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-20 22:59:49.324 [115003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-20 22:59:49.472 [115003] info client.cpp::syncExclusions Updated exclusions: nebula-1761015589
2025-10-20 22:59:49.472 [115003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761015589
2025-10-20 22:59:49.472 [115003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-20 22:59:49.473 [115003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-20 22:59:49.473 [115003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-21 00:16:47.621 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 00:16:47.701 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 01:01:18.462 [115003] info client.cpp::sync Command received : event.policy.refresh
2025-10-21 01:01:19.349 [115003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-21 01:01:19.349 [115003] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-21 01:01:20.367 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "544a450aa0838c26d2f585f57d6f9a57:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-21 01:01:20.368 [115003] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-21 01:01:20.368 [115003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-21 01:01:21.095 [115003] info client.cpp::syncExclusions Updated exclusions: nebula-1761022880
2025-10-21 01:01:21.095 [115003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761022880
2025-10-21 01:01:21.095 [115003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-21 01:01:21.096 [115003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-21 01:01:21.096 [115003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-21 02:01:59.897 [115003] info on_nebula.cpp::handle Performing threat scan
2025-10-21 02:04:57.665 [115003] info on_nebula.cpp::handle Scan complete, duration: 178
2025-10-21 02:04:57.667 [115003] info schedule_store.cpp::save Saved nebula schedules
2025-10-21 02:04:57.668 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 02:04:57.802 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 03:01:33.114 [115003] info client.cpp::callSync []
2025-10-21 03:01:35.092 [115003] info client.cpp::syncExclusions Updated exclusions: b488b1d5971d0e95830bf5fa3f8b6d87
2025-10-21 03:01:35.092 [115003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: b488b1d5971d0e95830bf5fa3f8b6d87
2025-10-21 03:01:35.092 [115003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-21 03:01:35.093 [115003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-21 03:01:35.093 [115003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-21 03:01:35.095 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 03:01:35.186 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 04:39:41.187 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 04:39:41.269 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 06:25:53.270 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 06:25:53.352 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 07:01:00.365 [115003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-21 07:01:00.365 [115003] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-21 07:01:00.365 [115003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-21 07:01:00.365 [115003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-21 07:01:00.366 [115003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-21 07:01:00.366 [115003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-21 07:01:06.435 [115003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-21 07:01:07.450 [115003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-21 07:01:10.612 [115003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368826597376, \"freespace_total\": 368826597376, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733800337408, \"freespace_total\": 733800337408, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.81\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3064008704, \"free_virtual\": 8432037888, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-10-21 07:01:10.614 [115003] info schedule_store.cpp::save Saved nebula schedules
2025-10-21 07:01:10.615 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 07:01:10.725 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 08:41:58.726 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 08:41:58.809 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 09:38:34.106 [115003] info client.cpp::callSync []
2025-10-21 09:38:35.119 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 09:38:35.246 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 10:45:11.486 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 10:45:11.569 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 12:11:35.570 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 12:11:35.652 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 13:52:23.653 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 13:52:23.755 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 15:04:23.756 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 15:04:23.840 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 16:12:47.842 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 16:12:47.924 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 17:18:29.925 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 17:18:30.007 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 18:34:06.009 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 18:34:06.090 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 19:38:55.110 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 19:38:55.218 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 21:08:01.220 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 21:08:01.301 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 21:51:17.560 [115001] info sirius.cpp::downloadUpdates checking for new updates
2025-10-21 21:51:17.785 [115001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-21 21:51:17.785 [115001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-21 21:51:18.050 [115001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-21 21:51:18.088 [115001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104119
2025-10-21 21:51:18.428 [115001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104119
2025-10-21 21:51:18.428 [115001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104119
2025-10-21 21:51:18.437 [115005] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-21 21:51:18.470 [115001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-21 21:51:18.471 [115005] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-21 21:51:18.513 [115005] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-21 21:51:18.571 [115001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-21 21:51:18.571 [115001] info sirius.cpp::downloadUpdates checking for new updates
2025-10-21 21:51:18.689 [115001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-21 21:51:18.723 [115001] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-21 21:51:18.768 [115001] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-21 21:51:20.825 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "544a450aa0838c26d2f585f57d6f9a57:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-21 21:51:24.839 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "544a450aa0838c26d2f585f57d6f9a57:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-21 22:08:19.307 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 22:08:19.391 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-21 23:28:25.392 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-21 23:28:25.476 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 00:49:25.477 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 00:49:25.558 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 02:02:00.713 [115003] info on_nebula.cpp::handle Performing threat scan
2025-10-22 02:04:56.181 [115003] info on_nebula.cpp::handle Scan complete, duration: 176
2025-10-22 02:04:56.183 [115003] info schedule_store.cpp::save Saved nebula schedules
2025-10-22 02:04:56.184 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 02:04:56.271 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 04:01:56.272 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 04:01:56.352 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 05:42:45.362 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 05:42:45.446 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 06:49:25.263 [115003] info client.cpp::sync Command received : event.policy.refresh
2025-10-22 06:49:25.389 [115003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-22 06:49:25.389 [115003] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-22 06:49:26.400 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e8e9d0a22da41a774e0914f0e7373508:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-22 06:49:26.401 [115003] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-22 06:49:26.401 [115003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-22 06:49:26.506 [115003] info client.cpp::syncExclusions Updated exclusions: nebula-1761130166
2025-10-22 06:49:26.506 [115003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761130166
2025-10-22 06:49:26.506 [115003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-22 06:49:26.507 [115003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-22 06:49:26.507 [115003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-22 07:03:45.447 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 07:03:45.527 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 08:31:57.751 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 08:31:57.831 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 10:23:33.832 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 10:23:33.912 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 11:55:21.916 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 11:55:22.020 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 13:10:58.031 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 13:10:58.114 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 15:02:34.115 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 15:02:34.197 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 16:27:10.199 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 16:27:10.280 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 18:24:10.285 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 18:24:10.369 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 19:39:46.371 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 19:39:46.452 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 20:59:52.453 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 20:59:52.535 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 21:51:17.999 [115001] info sirius.cpp::downloadUpdates checking for new updates
2025-10-22 21:51:18.133 [115001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-22 21:51:18.133 [115001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-22 21:51:18.439 [115001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-22 21:51:18.467 [115001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104155
2025-10-22 21:51:18.833 [115001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104155
2025-10-22 21:51:18.833 [115001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104155
2025-10-22 21:51:18.842 [115005] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-22 21:51:18.877 [115005] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-22 21:51:18.889 [115001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-22 21:51:18.919 [115005] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-22 21:51:18.993 [115001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-22 21:51:18.993 [115001] info sirius.cpp::downloadUpdates checking for new updates
2025-10-22 21:51:19.113 [115001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-22 21:51:19.150 [115001] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-22 21:51:19.218 [115001] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-22 21:51:22.821 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e8e9d0a22da41a774e0914f0e7373508:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-22 21:51:26.835 [115003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.81", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.81", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e8e9d0a22da41a774e0914f0e7373508:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-22 22:20:53.544 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 22:20:53.627 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-22 23:41:53.629 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-22 23:41:53.710 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 00:43:59.711 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 00:43:59.793 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 02:01:59.916 [115003] info on_nebula.cpp::handle Performing threat scan
2025-10-23 02:04:54.701 [115003] info on_nebula.cpp::handle Scan complete, duration: 175
2025-10-23 02:04:54.702 [115003] info schedule_store.cpp::save Saved nebula schedules
2025-10-23 02:04:54.703 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 02:04:54.881 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 04:04:36.882 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 04:04:36.964 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 05:32:48.965 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 05:32:49.052 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 06:40:20.065 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 06:40:20.146 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 07:00:59.317 [115003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-23 07:00:59.317 [115003] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-23 07:00:59.317 [115003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-23 07:00:59.317 [115003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-23 07:00:59.318 [115003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-23 07:00:59.318 [115003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-23 07:01:05.374 [115003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-23 07:01:06.386 [115003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-23 07:01:09.542 [115003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368741875712, \"freespace_total\": 368741875712, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733655130112, \"freespace_total\": 733655130112, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.81\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6294339584, \"free_virtual\": 8429236224, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-10-23 07:01:09.545 [115003] info schedule_store.cpp::save Saved nebula schedules
2025-10-23 07:01:09.546 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 07:01:09.647 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 08:53:39.648 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 08:53:39.736 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 10:16:27.737 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 10:16:27.818 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 11:26:39.819 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 11:26:39.902 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 12:34:09.903 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 12:34:09.986 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 14:24:51.988 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 14:24:52.069 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 15:47:40.282 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 15:47:40.363 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 17:29:22.365 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 17:29:22.447 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 19:25:28.448 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 19:25:28.531 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 20:26:40.532 [115003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 20:26:40.614 [115003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 21:50:25.798 [115000] info telemetry_controller.cpp::processTelemetryData processing exiting
2025-10-23 21:50:26.413 [115004] info communicator.cpp::processor processing exited
2025-10-23 21:50:42.800 [114987] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2025-10-23 21:50:43.800 [114987] info mbdaemon.cpp::main Exiting Main - 0
2025-10-23 21:50:43.833 [205877] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.82 **************
2025-10-23 21:50:43.834 [205877] info mbdaemon.cpp::main logLevel is info
2025-10-23 21:50:43.834 [205877] info mbdaemon.cpp::main syslogLevel is warn
2025-10-23 21:50:43.834 [205877] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2025-10-23 21:50:43.834 [205877] info sirius.cpp::initialize Setting Sirius channel: release
2025-10-23 21:50:43.876 [205877] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-23 21:50:43.950 [205877] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2025-10-23 21:50:44.072 [205877] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-23 21:50:44.072 [205885] info telemetry_controller.cpp::processTelemetryData processing starting
2025-10-23 21:50:44.072 [205889] info communicator.cpp::processor processing starting
2025-10-23 21:50:44.072 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-23 21:50:44.074 [205890] info on_access.cpp::onAccessThread Protection setting is enabled, starting real-time protection
2025-10-23 21:50:44.223 [205886] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-23 21:50:44.223 [205886] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-23 21:50:44.522 [205886] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-23 21:50:44.559 [205886] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104199
2025-10-23 21:50:44.931 [205886] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104199
2025-10-23 21:50:44.931 [205886] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104199
2025-10-23 21:50:44.977 [205886] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-23 21:50:44.978 [205890] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-23 21:50:45.076 [205886] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-23 21:50:48.092 [205888] info client.cpp::initialize Upgrade detected from mblinux/1.1.81 to mblinux/1.1.82
2025-10-23 21:50:48.093 [205888] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-23 21:50:48.093 [205888] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-23 21:50:48.093 [205888] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2025-10-23 21:50:48.093 [205888] info sirius.cpp::downloadUpdates checking for new updates
2025-10-23 21:50:48.212 [205888] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-23 21:50:48.212 [205888] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2025-10-23 21:50:48.212 [205888] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2025-10-23 21:50:48.218 [205888] info schedule_store.cpp::load Loaded nebula schedules
2025-10-23 21:50:48.313 [205888] info client.cpp::callSync []
2025-10-23 21:50:49.318 [205888] info client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2025-10-23 21:50:49.318 [205888] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-23 21:50:49.318 [205888] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-23 21:50:49.318 [205888] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-23 21:50:49.319 [205888] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-23 21:50:49.319 [205888] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-23 21:50:55.350 [205888] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-23 21:50:56.358 [205888] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-23 21:50:59.501 [205888] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368889864192, \"freespace_total\": 368889864192, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733617311744, \"freespace_total\": 733617311744, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5586419712, \"free_virtual\": 8429236224, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-10-23 21:50:59.503 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e8e9d0a22da41a774e0914f0e7373508:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-23 21:50:59.604 [205888] info client.cpp::syncExclusions Updated exclusions: 7b32600e78180c70997af20a10f1e0af
2025-10-23 21:50:59.604 [205888] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2025-10-23 21:50:59.605 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 21:50:59.686 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-23 21:51:02.694 [205888] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 7b32600e78180c70997af20a10f1e0af
2025-10-23 21:51:02.694 [205888] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-23 21:51:02.695 [205888] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-23 21:51:02.695 [205888] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-23 23:38:05.990 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-23 23:38:06.075 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 01:05:24.077 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 01:05:24.161 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 02:02:00.283 [205888] info on_nebula.cpp::handle Performing threat scan
2025-10-24 02:04:47.639 [205888] info on_nebula.cpp::handle Scan complete, duration: 167
2025-10-24 02:04:47.641 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-24 02:04:47.642 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 02:04:47.734 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 03:40:11.734 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 03:40:11.824 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 05:36:17.826 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 05:36:17.910 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 06:41:59.911 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 06:41:59.994 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 07:00:58.007 [205888] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-24 07:00:58.007 [205888] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-24 07:00:58.007 [205888] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-24 07:00:58.007 [205888] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-24 07:00:58.007 [205888] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-24 07:00:58.007 [205888] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-24 07:01:04.059 [205888] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-24 07:01:05.071 [205888] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-24 07:01:08.225 [205888] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368654749696, \"freespace_total\": 368654749696, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733609521152, \"freespace_total\": 733609521152, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11854868480, \"free_virtual\": 8427827200, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-10-24 07:01:08.227 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-24 08:00:17.995 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 08:00:18.096 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 09:25:49.108 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 09:25:49.194 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 10:48:37.196 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 10:48:37.279 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 12:31:13.281 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 12:31:13.364 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 13:41:26.377 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 13:41:26.479 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 14:38:28.652 [205888] info client.cpp::registerRefresh nebula client refresh success
2025-10-24 14:38:28.652 [205888] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2025-10-24 14:38:28.676 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 14:38:28.759 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 15:38:46.760 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 15:38:46.842 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 16:40:52.844 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 16:40:52.949 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 18:04:34.951 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 18:04:35.039 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 19:06:42.050 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 19:06:42.131 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 20:22:18.133 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 20:22:18.215 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 21:50:49.087 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-24 21:50:49.236 [205886] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-24 21:50:49.236 [205886] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-24 21:50:49.380 [205886] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-24 21:50:49.407 [205886] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104233
2025-10-24 21:50:49.816 [205886] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104233
2025-10-24 21:50:49.816 [205886] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104233
2025-10-24 21:50:49.818 [205890] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-24 21:50:49.854 [205890] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-24 21:50:49.893 [205886] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-24 21:50:49.896 [205890] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-24 21:50:50.030 [205886] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-24 21:50:50.030 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-24 21:50:50.176 [205886] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-24 21:50:50.176 [205886] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-24 21:50:53.313 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e8e9d0a22da41a774e0914f0e7373508:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-24 21:50:57.330 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e8e9d0a22da41a774e0914f0e7373508:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-24 22:12:06.216 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 22:12:06.297 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-24 23:42:06.298 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-24 23:42:06.378 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 00:46:54.380 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 00:46:54.462 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 02:02:00.544 [205888] info on_nebula.cpp::handle Performing threat scan
2025-10-25 02:04:47.675 [205888] info on_nebula.cpp::handle Scan complete, duration: 167
2025-10-25 02:04:47.676 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-25 02:04:47.678 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 02:04:47.769 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 03:46:29.771 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 03:46:29.869 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 05:14:41.871 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 05:14:41.952 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 05:29:32.330 [205888] info client.cpp::sync Command received : event.policy.refresh
2025-10-25 05:29:32.451 [205888] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-25 05:29:32.451 [205888] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-25 05:29:33.461 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "aecd29b95e10468d2c3ec0a3213ada03:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-25 05:29:33.461 [205888] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-25 05:29:33.461 [205888] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-25 05:29:33.607 [205888] info client.cpp::syncExclusions Updated exclusions: nebula-1761384573
2025-10-25 05:29:33.607 [205888] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761384573
2025-10-25 05:29:33.607 [205888] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-25 05:29:33.608 [205888] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-25 05:29:33.608 [205888] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-25 06:33:53.954 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 06:33:54.044 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 07:00:58.072 [205888] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-25 07:00:58.072 [205888] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-25 07:00:58.072 [205888] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-25 07:00:58.072 [205888] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-25 07:00:58.072 [205888] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-25 07:00:58.072 [205888] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-25 07:01:04.136 [205888] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-25 07:01:05.147 [205888] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-25 07:01:07.322 [205888] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368606089216, \"freespace_total\": 368606089216, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733546553344, \"freespace_total\": 733546553344, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12118044672, \"free_virtual\": 8426614784, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-10-25 07:01:07.325 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-25 08:21:00.045 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 08:21:00.127 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 09:38:24.128 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 09:38:24.210 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 11:04:48.212 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 11:04:48.295 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 13:04:30.297 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 13:04:30.399 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 14:46:12.400 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 14:46:12.495 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 16:33:18.496 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 16:33:18.580 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 18:23:06.581 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 18:23:06.662 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 20:09:19.674 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 20:09:19.756 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 21:14:08.767 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 21:14:08.850 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-25 21:50:54.646 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-25 21:50:54.768 [205886] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-25 21:50:54.768 [205886] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-25 21:50:54.935 [205886] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-25 21:50:54.966 [205886] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104265
2025-10-25 21:50:55.336 [205886] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104265
2025-10-25 21:50:55.336 [205886] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104265
2025-10-25 21:50:55.348 [205890] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-25 21:50:55.370 [205886] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-25 21:50:55.383 [205890] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-25 21:50:55.424 [205890] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-25 21:50:55.469 [205886] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-25 21:50:55.470 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-25 21:50:55.599 [205886] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-25 21:50:55.599 [205886] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-25 21:50:56.495 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "aecd29b95e10468d2c3ec0a3213ada03:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-25 21:51:06.331 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "aecd29b95e10468d2c3ec0a3213ada03:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-25 23:01:15.061 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-25 23:01:15.146 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 00:15:03.148 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 00:15:03.230 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 01:19:52.241 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 01:19:52.322 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 02:02:00.466 [205888] info on_nebula.cpp::handle Performing threat scan
2025-10-26 02:04:43.202 [205888] info on_nebula.cpp::handle Scan complete, duration: 163
2025-10-26 02:04:43.203 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-26 02:04:43.205 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 02:04:43.377 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 03:16:43.579 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 03:16:43.665 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 05:06:31.666 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 05:06:31.746 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 06:14:56.759 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 06:14:56.843 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 07:00:58.869 [205888] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-26 07:00:58.870 [205888] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-26 07:00:58.870 [205888] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-26 07:00:58.870 [205888] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-26 07:00:58.870 [205888] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-26 07:00:58.870 [205888] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-26 07:01:04.924 [205888] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-26 07:01:05.935 [205888] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-26 07:01:09.087 [205888] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368699854848, \"freespace_total\": 368699854848, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733504720896, \"freespace_total\": 733504720896, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11584917504, \"free_virtual\": 8510763008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-10-26 07:01:09.089 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-26 07:51:14.845 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 07:51:14.927 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 09:41:56.928 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 09:41:57.026 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 11:36:15.027 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 11:36:15.109 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 13:18:51.111 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 13:18:51.208 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 13:42:10.382 [205888] info client.cpp::sync Command received : event.policy.refresh
2025-10-26 13:42:10.507 [205888] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-26 13:42:10.508 [205888] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-26 13:42:10.524 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7ed1ee6e826305cda59ec89f571b17fb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-26 13:42:10.524 [205888] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-26 13:42:10.524 [205888] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-26 13:42:10.635 [205888] info client.cpp::syncExclusions Updated exclusions: nebula-1761500530
2025-10-26 13:42:10.635 [205888] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761500530
2025-10-26 13:42:10.635 [205888] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-26 13:42:10.636 [205888] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-26 13:42:10.636 [205888] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-26 13:56:52.959 [205888] info client.cpp::sync Command received : event.policy.refresh
2025-10-26 13:56:53.144 [205888] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-26 13:56:53.144 [205888] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-26 13:56:53.158 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6c7fb28aa48c466e90adcc7bb2db8a34:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-26 13:56:53.159 [205888] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-26 13:56:53.159 [205888] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-26 13:56:53.307 [205888] info client.cpp::syncExclusions Updated exclusions: nebula-1761501413
2025-10-26 13:56:53.307 [205888] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761501413
2025-10-26 13:56:53.307 [205888] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-26 13:56:53.308 [205888] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-26 13:56:53.308 [205888] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-26 15:02:21.209 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 15:02:21.290 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 16:49:28.302 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 16:49:28.402 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 18:13:11.413 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 18:13:11.495 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 19:32:23.497 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 19:32:23.579 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 20:56:05.580 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 20:56:05.661 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 21:51:00.274 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-26 21:51:00.402 [205886] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-26 21:51:00.402 [205886] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-26 21:51:00.554 [205886] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-26 21:51:00.581 [205886] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104291
2025-10-26 21:51:00.960 [205886] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104291
2025-10-26 21:51:00.961 [205886] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104291
2025-10-26 21:51:00.970 [205890] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-26 21:51:00.989 [205886] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-26 21:51:01.005 [205890] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-26 21:51:01.045 [205890] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-26 21:51:01.089 [205886] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-26 21:51:01.089 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-26 21:51:01.209 [205886] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-26 21:51:01.209 [205886] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-26 21:51:03.349 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6c7fb28aa48c466e90adcc7bb2db8a34:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-26 21:51:07.366 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6c7fb28aa48c466e90adcc7bb2db8a34:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-26 22:09:53.657 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 22:09:53.740 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-26 23:46:11.747 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-26 23:46:11.846 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 00:54:35.847 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 00:54:35.930 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 02:01:59.098 [205888] info on_nebula.cpp::handle Performing threat scan
2025-10-27 02:04:44.655 [205888] info on_nebula.cpp::handle Scan complete, duration: 165
2025-10-27 02:04:44.656 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-27 02:04:44.657 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 02:04:44.781 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 03:58:08.782 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 03:58:08.864 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 05:13:44.865 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 05:13:44.946 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 06:37:26.948 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 06:37:27.049 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 07:01:00.088 [205888] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-27 07:01:00.088 [205888] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-27 07:01:00.088 [205888] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-27 07:01:00.088 [205888] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-27 07:01:00.089 [205888] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-27 07:01:00.089 [205888] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-27 07:01:06.140 [205888] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-27 07:01:07.151 [205888] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-27 07:01:10.295 [205888] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368638435328, \"freespace_total\": 368638435328, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733434511360, \"freespace_total\": 733434511360, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11376447488, \"free_virtual\": 8510763008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-10-27 07:01:10.297 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-27 08:37:10.061 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 08:37:10.142 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 10:26:58.142 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 10:26:58.229 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 11:37:10.231 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 11:37:10.314 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 13:37:46.314 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 13:37:46.394 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 15:23:04.395 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 15:23:04.475 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 16:32:22.477 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 16:32:22.560 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 18:23:04.562 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 18:23:04.653 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 19:50:22.654 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 19:50:22.744 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 20:52:28.745 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 20:52:28.828 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 21:51:05.952 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-27 21:51:06.104 [205886] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-27 21:51:06.104 [205886] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-27 21:51:06.250 [205886] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-27 21:51:06.276 [205886] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104317
2025-10-27 21:51:06.654 [205886] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104317
2025-10-27 21:51:06.654 [205886] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104317
2025-10-27 21:51:06.667 [205890] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-27 21:51:06.702 [205890] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-27 21:51:06.741 [205890] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-27 21:51:06.745 [205886] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-27 21:51:06.843 [205886] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-27 21:51:06.843 [205886] info sirius.cpp::downloadUpdates checking for new updates
2025-10-27 21:51:06.963 [205886] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-27 21:51:06.963 [205886] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-27 21:51:09.611 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6c7fb28aa48c466e90adcc7bb2db8a34:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-27 21:51:13.624 [205888] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6c7fb28aa48c466e90adcc7bb2db8a34:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-27 22:03:34.572 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 22:03:34.652 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-27 23:41:40.911 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-27 23:41:41.030 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 01:19:47.031 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 01:19:47.112 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 02:02:00.278 [205888] info on_nebula.cpp::handle Performing threat scan
2025-10-28 02:04:44.646 [205888] info on_nebula.cpp::handle Scan complete, duration: 164
2025-10-28 02:04:44.647 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-28 02:04:44.648 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 02:04:44.746 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 03:33:50.747 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 03:33:50.831 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 04:54:51.843 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 04:54:51.926 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 06:42:51.927 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 06:42:52.009 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 07:01:00.039 [205888] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-10-28 07:01:00.039 [205888] info asset_mgmt.cpp::collectData Collecting asset information
2025-10-28 07:01:00.039 [205888] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-10-28 07:01:00.039 [205888] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-28 07:01:00.040 [205888] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-10-28 07:01:00.040 [205888] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-10-28 07:01:06.095 [205888] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-10-28 07:01:07.107 [205888] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-10-28 07:01:09.264 [205888] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368628461568, \"freespace_total\": 368628461568, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733385629696, \"freespace_total\": 733385629696, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10646085632, \"free_virtual\": 8510763008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-10-28 07:01:09.266 [205888] info schedule_store.cpp::save Saved nebula schedules
2025-10-28 07:48:34.212 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 07:48:34.291 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 08:51:34.293 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 08:51:34.375 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 10:19:46.376 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 10:19:46.458 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 12:16:46.459 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 12:16:46.549 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 13:17:58.551 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 13:17:58.633 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 14:56:04.635 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 14:56:04.718 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 16:29:40.719 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 16:29:40.803 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 17:37:11.816 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 17:37:11.898 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 19:01:47.899 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 19:01:47.981 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 20:15:35.982 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 20:15:36.062 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 21:42:00.063 [205888] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 21:42:00.145 [205888] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 21:50:28.686 [205885] info telemetry_controller.cpp::processTelemetryData processing exiting
2025-10-28 21:50:32.759 [205889] info communicator.cpp::processor processing exited
2025-10-28 21:50:46.760 [205877] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2025-10-28 21:50:47.760 [205877] info mbdaemon.cpp::main Exiting Main - 0
2025-10-28 21:50:47.790 [60582] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.82 **************
2025-10-28 21:50:47.790 [60582] info mbdaemon.cpp::main logLevel is info
2025-10-28 21:50:47.790 [60582] info mbdaemon.cpp::main syslogLevel is warn
2025-10-28 21:50:47.790 [60582] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2025-10-28 21:50:47.790 [60582] info sirius.cpp::initialize Setting Sirius channel: release
2025-10-28 21:50:47.825 [60582] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-28 21:50:47.868 [60582] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2025-10-28 21:50:47.970 [60582] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-28 21:50:47.971 [60620] info telemetry_controller.cpp::processTelemetryData processing starting
2025-10-28 21:50:47.971 [60624] info communicator.cpp::processor processing starting
2025-10-28 21:50:47.971 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-28 21:50:47.972 [60625] info on_access.cpp::onAccessThread Protection setting is enabled, starting real-time protection
2025-10-28 21:50:48.141 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-28 21:50:48.141 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-28 21:50:48.581 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-28 21:50:48.607 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104351
2025-10-28 21:50:48.984 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104351
2025-10-28 21:50:48.984 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104351
2025-10-28 21:50:49.033 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-28 21:50:49.075 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-28 21:50:49.181 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-28 21:50:51.990 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-28 21:50:51.990 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-28 21:50:51.990 [60623] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2025-10-28 21:50:51.990 [60623] info sirius.cpp::downloadUpdates checking for new updates
2025-10-28 21:50:52.142 [60623] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-28 21:50:52.142 [60623] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2025-10-28 21:50:52.143 [60623] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2025-10-28 21:50:52.148 [60623] info schedule_store.cpp::load Loaded nebula schedules
2025-10-28 21:50:52.258 [60623] info client.cpp::callSync []
2025-10-28 21:50:53.350 [60623] info client.cpp::syncExclusions Updated exclusions: 4b5c0a82ef7b1c736bd5c77ed496a8bb
2025-10-28 21:50:53.350 [60623] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2025-10-28 21:50:53.350 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 21:50:53.455 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-28 21:50:57.463 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 4b5c0a82ef7b1c736bd5c77ed496a8bb
2025-10-28 21:50:57.463 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-28 21:50:57.463 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-28 21:50:57.464 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-28 22:54:43.610 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-10-28 22:54:43.721 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-28 22:54:43.721 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-28 22:54:44.730 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "8bf6471a8638fcf8d800f6ea1aa71f17:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-28 22:54:44.730 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-28 22:54:44.730 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-28 22:54:44.846 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1761706484
2025-10-28 22:54:44.847 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761706484
2025-10-28 22:54:44.847 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-28 22:54:44.847 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-28 22:54:44.847 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-28 23:00:12.023 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-28 23:00:12.103 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 00:14:54.105 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 00:14:54.206 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 02:01:58.349 [60623] info on_nebula.cpp::handle Performing threat scan
2025-10-29 02:04:42.141 [60623] info on_nebula.cpp::handle Scan complete, duration: 164
2025-10-29 02:04:42.142 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-10-29 02:04:42.143 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 02:04:42.295 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 03:37:24.297 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 03:37:24.380 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 05:36:12.381 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 05:36:12.462 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 06:57:13.473 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 06:57:13.553 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 08:23:38.565 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 08:23:38.646 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 09:53:38.648 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 09:53:38.732 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 11:11:56.733 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 11:11:56.814 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 12:22:08.816 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 12:22:08.906 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 13:33:14.907 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 13:33:14.988 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 14:56:56.989 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 14:56:57.095 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 16:16:09.096 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 16:16:09.180 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 17:22:45.193 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 17:22:45.274 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 18:49:09.276 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 18:49:09.356 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 20:30:52.368 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 20:30:52.448 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-29 21:50:53.391 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-29 21:50:53.512 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-29 21:50:53.512 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-29 21:50:53.687 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-29 21:50:53.715 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104389
2025-10-29 21:50:54.105 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104389
2025-10-29 21:50:54.105 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104389
2025-10-29 21:50:54.118 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-29 21:50:54.154 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-29 21:50:54.159 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-29 21:50:54.195 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-29 21:50:54.258 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-29 21:50:54.258 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-29 21:50:54.380 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-29 21:50:54.381 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-29 21:50:54.843 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "8bf6471a8638fcf8d800f6ea1aa71f17:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-29 21:51:02.682 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "8bf6471a8638fcf8d800f6ea1aa71f17:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-29 22:26:05.460 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-29 22:26:05.542 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 00:11:24.554 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 00:11:24.636 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 01:22:30.637 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 01:22:30.773 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 02:02:00.937 [60623] info on_nebula.cpp::handle Performing threat scan
2025-10-30 02:04:44.734 [60623] info on_nebula.cpp::handle Scan complete, duration: 164
2025-10-30 02:04:44.736 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-10-30 02:04:44.737 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 02:04:44.876 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 03:06:36.134 [60623] info client.cpp::callSync []
2025-10-30 03:06:37.228 [60623] info client.cpp::syncExclusions Updated exclusions: 11873eb2a57f1b59e09207576769b43d
2025-10-30 03:06:37.228 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 11873eb2a57f1b59e09207576769b43d
2025-10-30 03:06:37.228 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-30 03:06:37.229 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-30 03:06:37.229 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-30 03:06:37.230 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 03:06:37.310 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 04:14:07.311 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 04:14:07.393 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 05:45:55.395 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 05:45:55.476 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 06:46:13.477 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 06:46:13.560 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 08:34:13.561 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 08:34:13.643 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 10:10:31.645 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 10:10:31.726 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 11:36:55.728 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 11:36:55.808 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 12:41:43.809 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 12:41:43.891 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 14:15:19.893 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 14:15:19.976 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 15:44:25.977 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 15:44:26.059 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 17:10:50.060 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 17:10:50.141 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 18:39:56.141 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 18:39:56.224 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 20:18:02.226 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 20:18:02.307 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 21:31:50.308 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 21:31:50.392 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 21:50:58.487 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-30 21:50:58.664 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-30 21:50:58.664 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-30 21:50:58.943 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-30 21:50:58.970 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104431
2025-10-30 21:50:59.361 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104431
2025-10-30 21:50:59.362 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104431
2025-10-30 21:50:59.376 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-30 21:50:59.411 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-30 21:50:59.449 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-30 21:50:59.452 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-30 21:50:59.560 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-30 21:50:59.561 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-30 21:50:59.684 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-30 21:50:59.685 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-30 21:51:03.563 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "8bf6471a8638fcf8d800f6ea1aa71f17:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-30 21:51:07.574 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "8bf6471a8638fcf8d800f6ea1aa71f17:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-30 22:19:15.548 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-10-30 22:19:15.651 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-30 22:19:15.651 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-30 22:19:16.661 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "5eaade3e63608748807ea4f1197e060b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-30 22:19:16.662 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-30 22:19:16.662 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-30 22:19:16.761 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1761877156
2025-10-30 22:19:16.761 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761877156
2025-10-30 22:19:16.761 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-30 22:19:16.762 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-30 22:19:16.762 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-30 22:46:32.391 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-30 22:46:32.472 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-30 22:46:37.494 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-10-30 22:46:37.595 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-10-30 22:46:37.595 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-10-30 22:46:38.606 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "260613be7699abc6d022c2ccda29710d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-30 22:46:38.606 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-10-30 22:46:38.606 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-10-30 22:46:38.701 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1761878798
2025-10-30 22:46:38.701 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761878798
2025-10-30 22:46:38.701 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-10-30 22:46:38.702 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-10-30 22:46:38.702 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-10-31 00:30:57.484 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 00:30:57.592 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 02:01:59.618 [60623] info on_nebula.cpp::handle Performing threat scan
2025-10-31 02:04:43.304 [60623] info on_nebula.cpp::handle Scan complete, duration: 164
2025-10-31 02:04:43.306 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-10-31 02:04:43.307 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 02:04:43.437 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 03:54:31.439 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 03:54:31.521 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 05:30:49.522 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 05:30:49.603 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 07:12:31.605 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 07:12:31.702 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 08:23:37.703 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 08:23:37.786 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 09:37:25.788 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 09:37:25.869 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 10:42:13.870 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 10:42:13.950 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 11:47:55.951 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 11:47:56.032 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 12:56:20.048 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 12:56:20.130 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 14:47:02.132 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 14:47:02.217 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 16:20:38.218 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 16:20:38.318 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 17:41:39.329 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 17:41:39.410 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 18:55:27.411 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 18:55:27.492 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 20:02:57.493 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 20:02:57.575 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 21:47:21.576 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 21:47:21.673 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-10-31 21:51:04.602 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-31 21:51:04.753 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-10-31 21:51:04.753 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-10-31 21:51:04.925 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-10-31 21:51:04.953 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104463
2025-10-31 21:51:05.358 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104463
2025-10-31 21:51:05.358 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104463
2025-10-31 21:51:05.359 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-10-31 21:51:05.395 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-10-31 21:51:05.434 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-10-31 21:51:05.438 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-10-31 21:51:05.539 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-10-31 21:51:05.539 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-10-31 21:51:05.658 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-10-31 21:51:05.659 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-10-31 21:51:08.635 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "260613be7699abc6d022c2ccda29710d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-31 21:51:12.648 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "260613be7699abc6d022c2ccda29710d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-10-31 23:13:45.675 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-10-31 23:13:45.756 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 00:24:51.757 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 00:24:51.858 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 02:01:58.015 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-01 02:04:43.385 [60623] info on_nebula.cpp::handle Scan complete, duration: 165
2025-11-01 02:04:43.386 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-01 02:04:43.387 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 02:04:43.530 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 03:41:55.532 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 03:41:55.613 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 04:48:31.615 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 04:48:31.696 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 06:12:13.697 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 06:12:13.779 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 06:34:02.832 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-01 06:34:02.956 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-01 06:34:02.956 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-01 06:34:02.970 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2b7a67fe31726fdeaeef1e3de74854fa:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-01 06:34:02.971 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-01 06:34:02.971 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-01 06:34:03.114 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1761993242
2025-11-01 06:34:03.114 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1761993242
2025-11-01 06:34:03.114 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-01 06:34:03.115 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-01 06:34:03.115 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-01 07:35:55.781 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 07:35:55.898 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 08:47:01.899 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 08:47:01.980 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 09:40:18.694 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-01 09:40:18.794 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-01 09:40:18.794 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-01 09:40:19.815 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "bd6433e3b772ab2fb5bde08bb5d5284d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-01 09:40:19.816 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-01 09:40:19.816 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-01 09:40:19.928 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762004419
2025-11-01 09:40:19.928 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762004419
2025-11-01 09:40:19.928 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-01 09:40:19.928 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-01 09:40:19.928 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-01 10:24:13.982 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 10:24:14.062 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 12:11:20.064 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 12:11:20.146 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 13:57:32.147 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 13:57:32.227 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 14:57:50.229 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 14:57:50.558 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 16:07:08.470 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 16:07:08.587 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 17:42:32.588 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 17:42:32.669 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 19:39:32.670 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 19:39:32.753 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 21:32:02.754 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 21:32:02.836 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-01 21:51:09.847 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-01 21:51:09.993 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-01 21:51:09.993 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-01 21:51:10.174 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-01 21:51:10.202 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104487
2025-11-01 21:51:10.602 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104487
2025-11-01 21:51:10.602 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104487
2025-11-01 21:51:10.616 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-01 21:51:10.651 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-01 21:51:10.661 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-01 21:51:10.692 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-01 21:51:10.796 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-01 21:51:10.796 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-01 21:51:10.917 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-01 21:51:10.918 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-01 21:51:12.072 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "bd6433e3b772ab2fb5bde08bb5d5284d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-01 21:51:20.098 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "bd6433e3b772ab2fb5bde08bb5d5284d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-01 22:49:26.836 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-01 22:49:26.925 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 00:23:56.923 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 00:23:57.003 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 01:02:00.192 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-02 01:04:48.120 [60623] info on_nebula.cpp::handle Scan complete, duration: 168
2025-11-02 01:04:48.121 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-02 01:04:48.122 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 01:04:48.245 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 02:41:06.252 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 02:41:06.365 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 03:55:48.367 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 03:55:48.450 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 05:33:54.452 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 05:33:54.533 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 06:00:58.547 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-02 06:00:58.547 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-02 06:00:58.547 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-02 06:00:58.547 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-02 06:00:58.547 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-02 06:00:58.547 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-02 06:01:04.600 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-02 06:01:05.612 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-02 06:01:08.786 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368715657216, \"freespace_total\": 368715657216, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733110870016, \"freespace_total\": 733110870016, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5729132544, \"free_virtual\": 8510763008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-02 06:01:08.789 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-02 07:09:18.535 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 07:09:18.618 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 09:06:18.618 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 09:06:18.701 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 10:12:54.702 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 10:12:54.782 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 11:35:42.783 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 11:35:42.887 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 13:12:54.888 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 13:12:54.971 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 15:07:12.972 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 15:07:13.053 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 16:12:01.055 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 16:12:01.137 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 18:08:07.138 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 18:08:07.219 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 19:53:25.221 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 19:53:25.301 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 20:51:15.919 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-02 20:51:16.040 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-02 20:51:16.040 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-02 20:51:16.227 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-02 20:51:16.269 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104525
2025-11-02 20:51:16.668 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104525
2025-11-02 20:51:16.668 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104525
2025-11-02 20:51:16.681 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-02 20:51:16.716 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-02 20:51:16.729 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-02 20:51:16.757 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-02 20:51:16.831 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-02 20:51:16.832 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-02 20:51:16.951 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-02 20:51:16.952 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-02 20:51:17.352 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "bd6433e3b772ab2fb5bde08bb5d5284d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-02 20:51:25.382 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "bd6433e3b772ab2fb5bde08bb5d5284d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-02 21:27:01.303 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 21:27:01.385 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-02 23:09:37.399 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-02 23:09:37.481 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 00:53:07.482 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 00:53:07.562 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 02:38:26.573 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 02:38:26.656 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 03:58:33.667 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 03:58:33.748 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 05:06:03.749 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 05:06:03.832 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 06:21:39.833 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 06:21:39.916 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 07:08:01.141 [60623] info client.cpp::callSync []
2025-11-03 07:08:02.235 [60623] info client.cpp::syncExclusions Updated exclusions: fbe0187672e36fece159c87495121867
2025-11-03 07:08:02.235 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: fbe0187672e36fece159c87495121867
2025-11-03 07:08:02.235 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-03 07:08:02.236 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-03 07:08:02.236 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-03 07:08:02.237 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 07:08:02.320 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 08:44:20.326 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 08:44:20.427 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 09:47:20.428 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 09:47:20.509 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 11:47:56.510 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 11:47:56.592 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 13:44:02.594 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 13:44:02.676 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 15:19:26.677 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 15:19:26.757 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 16:19:45.769 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 16:19:45.853 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 18:13:34.519 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-03 18:13:34.655 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-03 18:13:34.655 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-03 18:13:35.665 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "9dc06fdd56006c9588b0607d1f261fed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-03 18:13:35.666 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-03 18:13:35.666 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-03 18:13:35.765 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762211615
2025-11-03 18:13:35.765 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762211615
2025-11-03 18:13:35.765 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-03 18:13:35.765 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-03 18:13:35.766 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-03 18:14:03.867 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 18:14:03.950 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 18:37:12.989 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-03 18:37:13.100 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-03 18:37:13.100 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-03 18:37:14.110 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2f2c906021947cd05723bc276dbc6a68:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-03 18:37:14.110 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-03 18:37:14.110 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-03 18:37:14.224 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762213034
2025-11-03 18:37:14.224 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762213034
2025-11-03 18:37:14.224 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-03 18:37:14.225 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-03 18:37:14.225 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-03 19:25:10.150 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 19:25:10.231 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 20:29:58.232 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 20:29:58.313 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-03 20:51:21.023 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-03 20:51:21.166 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-03 20:51:21.166 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-03 20:51:21.340 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-03 20:51:21.368 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104567
2025-11-03 20:51:21.764 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104567
2025-11-03 20:51:21.764 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104567
2025-11-03 20:51:21.774 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-03 20:51:21.809 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-03 20:51:21.831 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-03 20:51:21.849 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-03 20:51:21.933 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-03 20:51:21.933 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-03 20:51:22.053 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-03 20:51:22.054 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-03 20:51:22.454 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2f2c906021947cd05723bc276dbc6a68:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-03 20:51:30.483 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2f2c906021947cd05723bc276dbc6a68:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-03 22:28:46.312 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-03 22:28:46.394 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 00:09:34.395 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 00:09:34.476 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 01:01:58.517 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-04 01:04:44.902 [60623] info on_nebula.cpp::handle Scan complete, duration: 166
2025-11-04 01:04:44.903 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-04 01:04:44.904 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 01:04:45.042 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 02:48:15.044 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 02:48:15.125 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 04:24:33.127 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 04:24:33.207 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 05:43:45.209 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 05:43:45.291 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 06:00:59.323 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-04 06:00:59.323 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-04 06:00:59.324 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-04 06:00:59.324 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-04 06:00:59.324 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-04 06:00:59.324 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-04 06:01:05.380 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-04 06:01:06.392 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-04 06:01:09.547 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368691945472, \"freespace_total\": 368691945472, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 733003313152, \"freespace_total\": 733003313152, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 14182023168, \"free_virtual\": 8510164992, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-11-04 06:01:09.549 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-04 07:29:57.292 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 07:29:57.373 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 08:58:09.375 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 08:58:09.482 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 09:43:29.185 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-04 09:43:29.285 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-04 09:43:29.285 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-04 09:43:30.295 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e3170d0cf913f6838c6aa6fe7e53a232:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-04 09:43:30.296 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-04 09:43:30.296 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-04 09:43:30.424 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762267410
2025-11-04 09:43:30.424 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762267410
2025-11-04 09:43:30.424 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-04 09:43:30.424 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-04 09:43:30.424 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-04 10:37:10.493 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 10:37:10.575 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 11:42:52.576 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 11:42:52.658 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 12:57:34.659 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 12:57:34.742 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 14:33:52.744 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 14:33:52.826 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 15:36:52.826 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 15:36:52.909 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 17:06:52.910 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 17:06:52.991 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 18:33:16.993 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 18:33:17.091 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 19:56:06.106 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 19:56:06.203 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 20:51:26.914 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-04 20:51:27.040 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-04 20:51:27.040 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-04 20:51:27.216 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-04 20:51:27.249 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104589
2025-11-04 20:51:27.736 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104589
2025-11-04 20:51:27.736 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104589
2025-11-04 20:51:27.750 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-04 20:51:27.786 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-04 20:51:27.826 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-04 20:51:27.841 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-04 20:51:27.943 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-04 20:51:27.943 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-04 20:51:28.062 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-04 20:51:28.063 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-04 20:51:28.281 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e3170d0cf913f6838c6aa6fe7e53a232:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-04 20:51:36.308 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e3170d0cf913f6838c6aa6fe7e53a232:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-04 21:52:12.689 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 21:52:12.791 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-04 23:01:31.322 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-04 23:01:31.418 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 00:26:07.419 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 00:26:07.500 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 01:40:49.501 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 01:40:49.582 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 03:01:50.593 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 03:01:50.675 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 04:57:02.677 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 04:57:02.765 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 05:59:08.766 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 05:59:08.849 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 06:01:00.863 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-05 06:01:00.863 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-05 06:01:00.863 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-05 06:01:00.863 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-05 06:01:00.864 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-05 06:01:00.864 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-05 06:01:06.917 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-05 06:01:07.928 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-05 06:01:11.088 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 368624443392, \"freespace_total\": 368624443392, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 732932345856, \"freespace_total\": 732932345856, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 25344880640, \"free_virtual\": 8502374400, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-11-05 06:01:11.090 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-05 07:12:56.850 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 07:12:56.932 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 08:23:08.934 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 08:23:09.016 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 09:41:28.027 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 09:41:28.110 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 11:34:52.112 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 11:34:52.217 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 13:01:16.219 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 13:01:16.301 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 14:22:16.302 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 14:22:16.383 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 16:01:16.398 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 16:01:16.486 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 17:49:16.488 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 17:49:16.587 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 19:35:28.588 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 19:35:28.669 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 20:51:32.537 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-05 20:51:32.681 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-05 20:51:32.681 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-05 20:51:32.838 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-05 20:51:32.872 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104621
2025-11-05 20:51:33.267 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104621
2025-11-05 20:51:33.267 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104621
2025-11-05 20:51:33.281 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-05 20:51:33.318 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-05 20:51:33.351 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-05 20:51:33.358 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-05 20:51:33.452 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-05 20:51:33.792 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-05 20:51:33.914 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-05 20:51:33.915 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-05 20:51:37.798 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e3170d0cf913f6838c6aa6fe7e53a232:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-05 20:51:41.812 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "e3170d0cf913f6838c6aa6fe7e53a232:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-05 21:22:34.670 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 21:22:34.751 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 22:37:16.750 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 22:37:16.871 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-05 23:40:16.873 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-05 23:40:16.955 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 01:04:52.956 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 01:04:53.038 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 02:11:29.040 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 02:11:29.122 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 03:26:11.123 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 03:26:11.205 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 05:03:23.207 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 05:03:23.288 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 06:12:41.289 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 06:12:41.371 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 07:18:24.383 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 07:18:24.466 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 08:46:36.469 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 08:46:36.552 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 10:05:48.554 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 10:05:48.637 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 11:34:54.637 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 11:34:54.718 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 12:36:06.717 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 12:36:06.818 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 13:38:32.986 [60623] info client.cpp::registerRefresh nebula client refresh success
2025-11-06 13:38:32.986 [60623] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2025-11-06 13:38:33.010 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 13:38:33.093 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 15:13:04.104 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 15:13:04.186 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 16:34:05.198 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 16:34:05.279 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 18:14:53.280 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 18:14:53.362 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 18:48:56.513 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-06 18:48:56.644 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-06 18:48:56.644 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-06 18:48:57.654 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2a022b5d95a3db4db9fd05d9eaaa5dd0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-06 18:48:57.655 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-06 18:48:57.655 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-06 18:48:57.780 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762472937
2025-11-06 18:48:57.780 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762472937
2025-11-06 18:48:57.780 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-06 18:48:57.781 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-06 18:48:57.781 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-06 19:58:24.378 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 19:58:24.483 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 20:51:38.775 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-06 20:51:38.900 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-06 20:51:38.901 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-06 20:51:39.059 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-06 20:51:39.088 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104651
2025-11-06 20:51:39.491 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104651
2025-11-06 20:51:39.492 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104651
2025-11-06 20:51:39.501 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-06 20:51:39.538 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-06 20:51:39.578 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-06 20:51:39.599 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-06 20:51:39.705 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-06 20:51:39.705 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-06 20:51:39.833 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-06 20:51:39.833 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-06 20:51:42.523 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2a022b5d95a3db4db9fd05d9eaaa5dd0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-06 20:51:45.539 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2a022b5d95a3db4db9fd05d9eaaa5dd0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-06 21:53:35.451 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 21:53:35.533 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-06 23:31:42.568 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-06 23:31:42.662 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 01:01:58.711 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-07 01:05:21.771 [60623] info on_nebula.cpp::handle Scan complete, duration: 203
2025-11-07 01:05:21.772 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-07 01:05:21.773 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 01:05:21.862 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 02:14:39.864 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 02:14:39.946 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 03:30:15.947 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 03:30:16.031 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 04:31:29.043 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 04:31:29.126 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 05:54:17.309 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 05:54:17.393 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 06:00:59.471 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-07 06:00:59.471 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-07 06:00:59.471 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-07 06:00:59.471 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-07 06:00:59.472 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-07 06:00:59.472 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-07 06:01:05.539 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-07 06:01:06.554 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-07 06:01:09.720 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 366128549888, \"freespace_total\": 366128549888, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 732751724544, \"freespace_total\": 732751724544, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13494542336, \"free_virtual\": 8508403712, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"
2025-11-07 06:01:09.723 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-07 07:40:29.395 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 07:40:29.477 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 09:30:18.488 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 09:30:18.569 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 10:36:00.570 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 10:36:00.668 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 11:53:25.680 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 11:53:25.762 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 13:39:37.761 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 13:39:37.843 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 14:57:01.844 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 14:57:01.938 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 16:50:25.940 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 16:50:26.021 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 18:26:45.032 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 18:26:45.115 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 19:40:33.123 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 19:40:33.231 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 20:51:43.801 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-07 20:51:43.923 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-07 20:51:43.923 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-07 20:51:44.113 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-07 20:51:44.157 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104689
2025-11-07 20:51:44.579 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104689
2025-11-07 20:51:44.579 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104689
2025-11-07 20:51:44.592 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-07 20:51:44.619 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-07 20:51:44.628 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-07 20:51:44.668 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-07 20:51:44.722 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-07 20:51:44.722 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-07 20:51:44.843 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-07 20:51:44.843 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-07 20:51:47.254 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2a022b5d95a3db4db9fd05d9eaaa5dd0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-07 20:51:58.292 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "2a022b5d95a3db4db9fd05d9eaaa5dd0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:65", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-07 20:59:46.242 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 20:59:46.325 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 22:40:34.697 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 22:40:34.780 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-07 23:43:34.781 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-07 23:43:34.864 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 00:53:46.865 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 00:53:46.965 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 01:02:00.995 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-08 01:05:31.861 [60623] info on_nebula.cpp::handle Scan complete, duration: 211
2025-11-08 01:05:31.863 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-08 01:05:31.864 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 01:05:31.998 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 02:11:13.999 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 02:11:14.090 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 03:20:32.092 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 03:20:32.174 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 05:04:56.175 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 05:04:56.278 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 06:00:59.329 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-08 06:00:59.329 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-08 06:00:59.329 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-08 06:00:59.329 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-08 06:00:59.330 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-08 06:00:59.330 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-08 06:01:05.385 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-08 06:01:06.396 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-08 06:01:09.548 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 358248042496, \"freespace_total\": 358248042496, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 732289658880, \"freespace_total\": 732289658880, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2936156160, \"free_virtual\": 8508403712, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-08 06:01:09.550 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-08 06:33:09.293 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 06:33:09.375 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 08:09:27.376 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 08:09:27.463 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 08:59:21.787 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-08 08:59:21.902 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-08 08:59:21.902 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-08 08:59:23.264 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-08 08:59:23.264 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-08 08:59:23.264 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-08 08:59:23.412 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762610363
2025-11-08 08:59:23.412 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762610363
2025-11-08 08:59:23.412 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-08 08:59:23.413 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-08 08:59:23.413 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-08 09:30:27.464 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 09:30:27.547 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 11:05:51.754 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 11:05:51.836 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 12:47:34.022 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 12:47:34.104 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 14:06:46.465 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 14:06:46.554 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 15:52:58.556 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 15:52:58.640 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 17:00:28.835 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 17:00:28.915 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 18:07:04.916 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 18:07:04.995 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 19:59:34.997 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 19:59:35.079 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 20:51:49.028 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-08 20:51:49.152 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-08 20:51:49.152 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-08 20:51:49.303 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-08 20:51:49.332 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104725
2025-11-08 20:51:49.738 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104725
2025-11-08 20:51:49.738 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104725
2025-11-08 20:51:49.751 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-08 20:51:49.788 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-08 20:51:49.827 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-08 20:51:49.839 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-08 20:51:49.942 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-08 20:51:49.942 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-08 20:51:50.061 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-08 20:51:50.066 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-08 20:51:51.090 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-08 20:51:55.105 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-08 21:16:05.264 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 21:16:05.347 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-08 22:30:47.350 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-08 22:30:47.462 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 00:20:35.462 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 00:20:35.543 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 01:01:58.725 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-09 01:06:02.594 [60623] info on_nebula.cpp::handle Scan complete, duration: 244
2025-11-09 01:06:02.595 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-09 01:06:02.596 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 01:06:02.726 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 02:11:44.727 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 02:11:44.839 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 03:48:02.840 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 03:48:02.924 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 03:58:20.129 [60623] info client.cpp::callSync []
2025-11-09 03:58:21.238 [60623] info client.cpp::syncExclusions Updated exclusions: 11b8616da50b4ea00924558d30f4d508
2025-11-09 03:58:21.238 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 11b8616da50b4ea00924558d30f4d508
2025-11-09 03:58:21.238 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-09 03:58:21.239 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-09 03:58:21.239 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-09 03:58:21.240 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 03:58:21.346 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 05:33:45.532 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 05:33:45.615 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 07:18:10.626 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 07:18:10.712 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 08:35:34.713 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 08:35:34.797 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 10:08:17.809 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 10:08:17.891 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 11:41:53.893 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 11:41:53.974 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 13:04:42.548 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 13:04:42.630 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 14:29:18.830 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 14:29:18.912 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 15:39:30.913 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 15:39:30.996 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 16:58:42.997 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 16:58:43.079 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 18:41:19.081 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 18:41:19.187 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 19:47:01.189 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 19:47:01.271 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 20:51:54.178 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-09 20:51:54.321 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-09 20:51:54.321 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-09 20:51:54.473 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-09 20:51:54.522 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104749
2025-11-09 20:51:54.927 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104749
2025-11-09 20:51:54.927 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104749
2025-11-09 20:51:54.943 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-09 20:51:54.980 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-09 20:51:55.021 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-09 20:51:55.041 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-09 20:51:55.147 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-09 20:51:55.147 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-09 20:51:55.269 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-09 20:51:55.270 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-09 20:51:58.306 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-09 20:52:06.334 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-09 21:38:37.665 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 21:38:37.746 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-09 23:23:01.744 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-09 23:23:01.827 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 00:37:43.827 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 00:37:43.908 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 01:02:00.082 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-10 01:07:19.057 [60623] info on_nebula.cpp::handle Scan complete, duration: 319
2025-11-10 01:07:19.058 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-10 01:07:19.059 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 01:07:19.174 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 02:35:31.175 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 02:35:31.269 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 03:45:44.285 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 03:45:44.387 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 05:05:50.388 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 05:05:50.471 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 06:00:59.541 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-10 06:00:59.541 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-10 06:00:59.541 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-10 06:00:59.541 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-10 06:00:59.542 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-10 06:00:59.542 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-10 06:01:06.069 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-10 06:01:07.081 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-10 06:01:10.283 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 345326743552, \"freespace_total\": 345326743552, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 731385376768, \"freespace_total\": 731385376768, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5522235392, \"free_virtual\": 8502374400, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-10 06:01:10.287 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-10 06:57:26.473 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 06:57:26.555 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 08:54:26.556 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 08:54:26.639 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 10:31:38.826 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 10:31:38.907 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 11:34:38.908 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 11:34:38.991 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 13:00:09.173 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 13:00:09.279 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 14:03:10.291 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 14:03:10.374 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 15:39:28.375 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 15:39:28.481 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 17:31:58.664 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 17:31:58.745 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 18:33:10.945 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 18:33:11.046 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 19:45:11.047 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 19:45:11.130 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 20:51:59.362 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-10 20:51:59.492 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-10 20:51:59.492 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-10 20:51:59.645 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-10 20:51:59.681 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104779
2025-11-10 20:52:00.084 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104779
2025-11-10 20:52:00.084 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104779
2025-11-10 20:52:00.098 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-10 20:52:00.135 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-10 20:52:00.145 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-10 20:52:00.177 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-10 20:52:00.266 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-10 20:52:00.267 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-10 20:52:00.387 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-10 20:52:00.388 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-10 20:52:04.204 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-10 20:52:16.242 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "7992b7233a4393c03dd8de41cefc54bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-10 21:32:06.976 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-10 21:32:07.105 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-10 21:32:07.105 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-10 21:32:07.118 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "bf02f5c4588c19169acdf07b84ea0f3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-10 21:32:07.118 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-10 21:32:07.118 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-10 21:32:07.227 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762828327
2025-11-10 21:32:07.227 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762828327
2025-11-10 21:32:07.227 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-10 21:32:07.228 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-10 21:32:07.228 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-10 21:37:12.236 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-10 21:37:12.360 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-10 21:37:12.360 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-10 21:37:13.371 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "16ba549c6fa725c1532528814459dd16:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-10 21:37:13.371 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-10 21:37:13.372 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-10 21:37:13.498 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762828633
2025-11-10 21:37:13.498 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762828633
2025-11-10 21:37:13.498 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-10 21:37:13.499 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-10 21:37:13.499 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-10 21:38:35.131 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 21:38:35.215 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-10 22:36:27.286 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-10 22:36:27.388 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-10 22:36:27.388 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-10 22:36:28.399 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "76d9f18186340b3e242dcb86344a43ad:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-10 22:36:28.399 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-10 22:36:28.399 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-10 22:36:28.514 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762832188
2025-11-10 22:36:28.514 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762832188
2025-11-10 22:36:28.514 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-10 22:36:28.515 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-10 22:36:28.515 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-10 22:49:41.219 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-10 22:49:41.325 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 00:41:17.324 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 00:41:17.409 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 01:02:00.419 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-11 01:07:35.068 [60623] info on_nebula.cpp::handle Scan complete, duration: 335
2025-11-11 01:07:35.070 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-11 01:07:35.071 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 01:07:35.190 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 03:00:05.191 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 03:00:05.273 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 03:27:03.072 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-11 03:27:03.175 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-11 03:27:03.175 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-11 03:27:04.188 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "88167b64fbcb65bf6f3636cbe699e03a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-11 03:27:04.188 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-11 03:27:04.188 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-11 03:27:04.319 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762849624
2025-11-11 03:27:04.319 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762849624
2025-11-11 03:27:04.319 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-11 03:27:04.320 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-11 03:27:04.320 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-11 04:56:12.285 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 04:56:12.370 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 05:58:19.384 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 05:58:19.465 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 06:00:59.676 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-11 06:00:59.676 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-11 06:00:59.676 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-11 06:00:59.676 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-11 06:00:59.677 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-11 06:00:59.677 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-11 06:01:05.732 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-11 06:01:06.747 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-11 06:01:09.044 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 338033266688, \"freespace_total\": 338033266688, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 730762338304, \"freespace_total\": 730762338304, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5308895232, \"free_virtual\": 8494772224, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-11 06:01:09.056 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-11 06:01:09.057 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 06:01:09.172 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 06:39:06.209 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-11 06:39:06.351 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-11 06:39:06.351 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-11 06:39:07.361 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6e5aecf4faec81079e9b5f1ecb41c421:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-11 06:39:07.362 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-11 06:39:07.362 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-11 06:39:07.478 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762861147
2025-11-11 06:39:07.478 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762861147
2025-11-11 06:39:07.478 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-11 06:39:07.479 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-11 06:39:07.479 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-11 07:32:57.173 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 07:32:57.254 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 08:37:45.254 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 08:37:45.344 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 10:02:21.345 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 10:02:21.427 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 11:03:33.429 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 11:03:33.512 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 12:45:15.515 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 12:45:15.596 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 13:53:40.612 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 13:53:40.705 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 15:36:16.892 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 15:36:16.973 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 17:00:52.973 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 17:00:53.073 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 18:56:06.085 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 18:56:06.166 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 20:21:37.180 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 20:21:37.279 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 20:52:05.127 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-11 20:52:05.276 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-11 20:52:05.276 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-11 20:52:05.450 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-11 20:52:05.503 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104817
2025-11-11 20:52:05.920 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104817
2025-11-11 20:52:05.920 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104817
2025-11-11 20:52:05.933 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-11 20:52:05.970 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-11 20:52:06.001 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-11 20:52:06.010 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-11 20:52:06.107 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-11 20:52:06.461 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-11 20:52:06.583 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-11 20:52:06.583 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-11 22:06:56.293 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 22:06:56.374 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-11 23:16:14.376 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-11 23:16:14.480 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 00:48:02.481 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 00:48:02.565 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 01:02:00.652 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-12 01:08:23.531 [60623] info on_nebula.cpp::handle Scan complete, duration: 383
2025-11-12 01:08:23.532 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-12 01:08:23.533 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 01:08:23.652 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 02:11:24.664 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 02:11:24.746 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 03:34:12.746 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 03:34:12.828 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 04:57:54.829 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 04:57:54.913 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 06:00:58.928 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-12 06:00:58.928 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-12 06:00:58.928 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-12 06:00:58.928 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-12 06:00:58.929 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-12 06:00:58.929 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-12 06:01:05.357 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-12 06:01:05.369 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-12 06:01:08.531 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 332189163520, \"freespace_total\": 332189163520, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 729916125184, \"freespace_total\": 729916125184, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7766327296, \"free_virtual\": 8497131520, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-12 06:01:08.534 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-12 06:54:54.914 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 06:54:54.998 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 08:24:56.011 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 08:24:56.094 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 09:34:42.410 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-12 09:34:42.518 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-12 09:34:42.519 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-12 09:34:43.530 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202509021852"}], "policy_etag": "6eb2c45052a02f151e45daac0c10ed5b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-12 09:34:43.530 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-12 09:34:43.530 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-12 09:34:43.666 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1762958083
2025-11-12 09:34:43.666 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1762958083
2025-11-12 09:34:43.666 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-12 09:34:43.667 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-12 09:34:43.667 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-12 10:05:44.095 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 10:05:44.180 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 11:46:33.191 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 11:46:33.299 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 13:19:15.300 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 13:19:15.381 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 15:15:22.393 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 15:15:22.473 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 16:35:28.474 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 16:35:28.555 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 18:16:16.740 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 18:16:16.822 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 19:58:52.823 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 19:58:52.905 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 20:52:11.321 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-12 20:52:11.486 [60621] info sirius.cpp::downloadUpdates updating package: mblinux.db.rules
2025-11-12 20:52:11.599 [60621] info sirius.cpp::backupEntry Backing up package: mblinux.db.rules
2025-11-12 20:52:11.605 [60621] info sirius.cpp::download updated mblinux.db.rules to version 2.0.202511121903
2025-11-12 20:52:11.606 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-12 20:52:11.765 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-12 20:52:11.793 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104853
2025-11-12 20:52:12.200 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104853
2025-11-12 20:52:12.200 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104853
2025-11-12 20:52:12.215 [60621] info sirius.cpp::installDownloaded installed mblinux.db.rules 2.0.202511121903
2025-11-12 20:52:12.215 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-12 20:52:12.222 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-12 20:52:12.253 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-12 20:52:12.292 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-12 20:52:12.328 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-12 20:52:12.329 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-12 20:52:12.449 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-12 20:52:12.450 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-12 20:52:14.961 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "6eb2c45052a02f151e45daac0c10ed5b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-12 20:52:18.975 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "6eb2c45052a02f151e45daac0c10ed5b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-12 21:21:40.907 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 21:21:40.987 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-12 22:21:58.987 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-12 22:21:59.069 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 00:09:05.070 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 00:09:05.152 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 01:01:59.309 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-13 01:08:04.860 [60623] info on_nebula.cpp::handle Scan complete, duration: 365
2025-11-13 01:08:04.862 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-13 01:08:04.863 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 01:08:05.015 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 02:50:41.406 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 02:50:41.500 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 04:08:59.503 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 04:08:59.584 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 05:38:59.586 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 05:39:00.189 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 06:01:00.278 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-13 06:01:00.278 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-13 06:01:00.278 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-13 06:01:00.278 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-13 06:01:00.278 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-13 06:01:00.279 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-13 06:01:06.699 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-13 06:01:07.711 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-13 06:01:10.890 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 326737735680, \"freespace_total\": 326737735680, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 729317543936, \"freespace_total\": 729317543936, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8484896768, \"free_virtual\": 8494563328, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-13 06:01:10.897 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-13 07:11:42.190 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 07:11:42.270 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 08:57:55.282 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 08:57:55.364 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 10:07:14.376 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 10:07:14.459 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 12:01:32.651 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 12:01:32.732 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 13:43:14.932 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 13:43:15.014 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 15:12:21.016 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 15:12:21.098 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 16:38:46.109 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 16:38:46.192 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 18:10:34.400 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 18:10:34.482 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 19:22:34.483 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 19:22:34.564 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 20:52:17.021 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-13 20:52:17.174 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-13 20:52:17.174 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-13 20:52:17.369 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-13 20:52:17.408 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104897
2025-11-13 20:52:17.823 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104897
2025-11-13 20:52:17.823 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104897
2025-11-13 20:52:17.836 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-13 20:52:17.873 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-13 20:52:17.908 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-13 20:52:17.912 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-13 20:52:18.034 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-13 20:52:18.034 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-13 20:52:18.178 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-13 20:52:18.179 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-13 20:52:20.709 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "6eb2c45052a02f151e45daac0c10ed5b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-13 20:52:23.723 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "6eb2c45052a02f151e45daac0c10ed5b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-13 21:05:10.565 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 21:05:10.664 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-13 22:30:41.679 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-13 22:30:41.761 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 00:12:23.762 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 00:12:23.844 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 01:01:58.242 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-14 01:07:46.292 [60623] info on_nebula.cpp::handle Scan complete, duration: 348
2025-11-14 01:07:46.294 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-14 01:07:46.295 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 01:07:46.426 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 02:08:04.428 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 02:08:04.513 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 03:16:28.513 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 03:16:28.593 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 04:40:10.780 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 04:40:10.869 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 05:47:41.060 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 05:47:41.142 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 06:01:00.411 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-14 06:01:00.411 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-14 06:01:00.411 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-14 06:01:00.411 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-14 06:01:00.412 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-14 06:01:00.412 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-14 06:01:06.603 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-14 06:01:07.662 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-14 06:01:10.140 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 320812412928, \"freespace_total\": 320812412928, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 728710705152, \"freespace_total\": 728710705152, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6766358528, \"free_virtual\": 8494989312, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-14 06:01:10.146 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-14 07:25:47.144 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 07:25:47.225 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 09:11:59.227 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 09:11:59.309 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 09:16:49.621 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-14 09:16:50.569 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-14 09:16:50.570 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-14 09:16:51.581 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "ce899a40aa27c9d9bece5916a5675ec7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-14 09:16:51.582 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-14 09:16:51.582 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-14 09:16:51.676 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763129811
2025-11-14 09:16:51.676 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763129811
2025-11-14 09:16:51.676 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-14 09:16:51.678 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-14 09:16:51.678 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-14 10:27:35.310 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 10:27:35.390 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 12:00:18.402 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 12:00:18.483 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 13:48:18.671 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 13:48:18.753 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 15:39:54.754 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 15:39:54.837 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 17:15:18.838 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 17:15:18.921 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 18:54:18.922 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 18:54:19.003 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 19:59:07.004 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 19:59:07.085 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 20:52:22.270 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-14 20:52:22.443 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-14 20:52:22.443 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-14 20:52:22.634 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-14 20:52:22.675 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104941
2025-11-14 20:52:23.091 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104941
2025-11-14 20:52:23.091 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104941
2025-11-14 20:52:23.106 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-14 20:52:23.144 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-14 20:52:23.199 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-14 20:52:23.203 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-14 20:52:23.311 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-14 20:52:23.311 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-14 20:52:23.432 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-14 20:52:23.434 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-14 20:52:25.123 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "ce899a40aa27c9d9bece5916a5675ec7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-14 20:52:29.137 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "ce899a40aa27c9d9bece5916a5675ec7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-14 21:38:07.086 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 21:38:07.168 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-14 23:07:13.575 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-14 23:07:13.658 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 00:10:13.853 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 00:10:13.936 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 01:01:58.035 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-15 01:07:54.716 [60623] info on_nebula.cpp::handle Scan complete, duration: 356
2025-11-15 01:07:54.717 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-15 01:07:54.718 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 01:07:54.842 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 02:40:30.152 [60623] info client.cpp::callSync []
2025-11-15 02:40:31.268 [60623] info client.cpp::syncExclusions Updated exclusions: 9b18c90fba92aaa084d0a11ae62e4232
2025-11-15 02:40:31.268 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 9b18c90fba92aaa084d0a11ae62e4232
2025-11-15 02:40:31.268 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-15 02:40:31.269 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-15 02:40:31.270 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-15 02:40:31.272 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 02:40:31.362 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 04:40:13.362 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 04:40:13.463 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 05:45:55.652 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 05:45:55.753 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 06:00:59.107 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-15 06:00:59.107 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-15 06:00:59.107 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-15 06:00:59.107 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-15 06:00:59.108 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-15 06:00:59.108 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-15 06:01:05.555 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-15 06:01:06.570 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-15 06:01:09.767 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 314792263680, \"freespace_total\": 314792263680, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 728157466624, \"freespace_total\": 728157466624, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8206774272, \"free_virtual\": 8497131520, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-15 06:01:09.772 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-15 07:06:01.963 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 07:06:02.046 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 08:42:20.256 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 08:42:20.339 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 10:07:50.341 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 10:07:50.427 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 11:23:26.627 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 11:23:26.708 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 12:58:50.710 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 12:58:50.790 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 14:01:50.990 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 14:01:51.097 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 15:11:21.117 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-15 15:11:21.253 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-15 15:11:21.254 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-15 15:11:22.480 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d3c8a155c5fee0f44d862c18427a2846:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-15 15:11:22.480 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-15 15:11:22.480 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-15 15:11:22.583 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763237482
2025-11-15 15:11:22.583 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763237482
2025-11-15 15:11:22.583 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-15 15:11:22.584 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-15 15:11:22.584 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-15 15:46:15.098 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 15:46:15.180 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 17:27:57.377 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 17:27:57.479 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 18:03:08.763 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-15 18:03:08.894 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-15 18:03:08.894 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-15 18:03:09.905 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "2d57aa5ccd6d89c6e1989e314ea69776:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-15 18:03:09.905 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-15 18:03:09.905 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-15 18:03:10.051 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763247789
2025-11-15 18:03:10.052 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763247789
2025-11-15 18:03:10.052 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-15 18:03:10.053 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-15 18:03:10.053 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-15 19:05:09.481 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 19:05:09.609 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 20:52:15.808 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 20:52:15.889 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 20:52:28.158 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-15 20:52:28.347 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-15 20:52:28.347 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-15 20:52:28.543 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-15 20:52:28.670 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104961
2025-11-15 20:52:29.100 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104961
2025-11-15 20:52:29.100 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104961
2025-11-15 20:52:29.117 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-15 20:52:29.154 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-15 20:52:29.163 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-15 20:52:29.262 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-15 20:52:29.365 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-15 20:52:29.365 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-15 20:52:29.495 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-15 20:52:29.497 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-15 20:52:30.942 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "2d57aa5ccd6d89c6e1989e314ea69776:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-15 20:52:34.956 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "2d57aa5ccd6d89c6e1989e314ea69776:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-15 22:06:57.899 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 22:06:57.980 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-15 23:15:21.974 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-15 23:15:22.054 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 01:01:58.135 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-16 01:07:50.981 [60623] info on_nebula.cpp::handle Scan complete, duration: 352
2025-11-16 01:07:50.983 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-16 01:07:50.984 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 01:07:51.088 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 02:42:21.090 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 02:42:21.187 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 02:44:58.327 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-16 02:44:58.428 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-16 02:44:58.428 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-16 02:44:59.438 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "e37ea83ce729f714f17f72232691e6dd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-16 02:44:59.439 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-16 02:44:59.439 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-16 02:44:59.555 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763279099
2025-11-16 02:44:59.555 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763279099
2025-11-16 02:44:59.555 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-16 02:44:59.556 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-16 02:44:59.556 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-16 04:11:27.188 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 04:11:27.280 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 05:18:03.281 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 05:18:03.382 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 06:00:58.532 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-16 06:00:58.532 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-16 06:00:58.533 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-16 06:00:58.533 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-16 06:00:58.534 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-16 06:00:58.534 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-16 06:01:04.651 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-16 06:01:05.667 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-16 06:01:08.871 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 306757996544, \"freespace_total\": 306757996544, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 727588425728, \"freespace_total\": 727588425728, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5959127040, \"free_virtual\": 8484024320, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-16 06:01:08.874 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-16 07:06:03.383 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 07:06:03.465 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 08:18:03.659 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 08:18:03.742 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 09:41:46.754 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 09:41:46.834 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 11:15:22.835 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 11:15:22.917 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 12:43:35.292 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 12:43:35.397 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 14:03:41.399 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 14:03:41.482 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 15:57:06.494 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 15:57:06.583 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 17:50:30.774 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 17:50:30.855 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 18:47:01.172 [60623] info client.cpp::callSync []
2025-11-16 18:47:02.281 [60623] info client.cpp::syncExclusions Updated exclusions: b09b20fa44acaa0a2759389260a02246
2025-11-16 18:47:02.281 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: b09b20fa44acaa0a2759389260a02246
2025-11-16 18:47:02.281 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-16 18:47:02.283 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-16 18:47:02.283 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-16 18:47:02.285 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 18:47:02.366 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 20:00:50.551 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 20:00:50.632 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 20:52:33.875 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-16 20:52:34.075 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-16 20:52:34.075 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-16 20:52:34.245 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-16 20:52:34.420 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.104975
2025-11-16 20:52:34.948 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.104975
2025-11-16 20:52:34.948 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.104975
2025-11-16 20:52:35.147 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-16 20:52:35.188 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-16 20:52:35.241 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-16 20:52:35.251 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-16 20:52:35.370 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-16 20:52:35.370 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-16 20:52:35.517 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-16 20:52:35.518 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-16 20:52:37.746 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "e37ea83ce729f714f17f72232691e6dd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-16 20:52:41.760 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "e37ea83ce729f714f17f72232691e6dd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-16 21:46:08.632 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 21:46:08.714 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-16 22:49:08.717 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-16 22:49:08.808 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 00:40:44.810 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 00:40:44.892 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 01:01:59.189 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-17 01:08:50.582 [60623] info on_nebula.cpp::handle Scan complete, duration: 411
2025-11-17 01:08:50.583 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-17 01:08:50.584 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 01:08:50.719 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 03:03:09.735 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 03:03:09.835 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 04:07:57.836 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 04:07:57.925 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 05:13:40.114 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 05:13:40.201 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 06:00:58.458 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-17 06:00:58.458 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-17 06:00:58.458 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-17 06:00:58.458 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-17 06:00:58.459 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-17 06:00:58.467 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-17 06:01:05.136 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-17 06:01:06.186 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-17 06:01:09.651 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 318202253312, \"freespace_total\": 318202253312, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 727055687680, \"freespace_total\": 727055687680, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 657367040, \"free_virtual\": 8489005056, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-11-17 06:01:09.656 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-17 06:41:52.392 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 06:41:52.491 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 08:19:59.504 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 08:19:59.585 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 09:35:35.982 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 09:35:36.064 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 11:07:24.065 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 11:07:24.190 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 12:35:36.191 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 12:35:36.296 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 13:40:24.296 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 13:40:24.389 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 14:06:33.057 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-17 14:06:33.498 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-17 14:06:33.498 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-17 14:06:34.513 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "8008d3b7fbb1997ca62776d6e18a5eea:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-17 14:06:34.514 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-17 14:06:34.514 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-17 14:06:34.650 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763406394
2025-11-17 14:06:34.651 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763406394
2025-11-17 14:06:34.651 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-17 14:06:34.651 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-17 14:06:34.651 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-17 15:06:48.390 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 15:06:48.471 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 16:26:54.473 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 16:26:54.573 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 17:46:07.587 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 17:46:07.669 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 17:57:42.173 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-17 17:57:42.276 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-17 17:57:42.276 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-17 17:57:43.364 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "527223b1da842cfba7d0adb057aa9580:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-17 17:57:43.366 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-17 17:57:43.366 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-17 17:57:43.494 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763420263
2025-11-17 17:57:43.494 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763420263
2025-11-17 17:57:43.494 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-17 17:57:43.494 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-17 17:57:43.494 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-17 19:09:49.865 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 19:09:49.948 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 20:52:25.949 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 20:52:26.041 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 20:52:39.952 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-17 20:52:40.146 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-17 20:52:40.146 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-17 20:52:40.320 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-17 20:52:40.492 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105013
2025-11-17 20:52:41.035 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105013
2025-11-17 20:52:41.035 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105013
2025-11-17 20:52:41.243 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-17 20:52:41.276 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-17 20:52:41.297 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-17 20:52:41.352 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-17 20:52:41.422 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-17 20:52:41.423 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-17 20:52:41.544 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-17 20:52:41.546 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-17 20:52:42.094 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "527223b1da842cfba7d0adb057aa9580:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-17 20:52:58.149 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "527223b1da842cfba7d0adb057aa9580:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-17 22:09:50.047 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 22:09:50.129 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-17 23:26:20.130 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-17 23:26:20.230 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 01:01:59.285 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-18 01:08:14.846 [60623] info on_nebula.cpp::handle Scan complete, duration: 375
2025-11-18 01:08:14.848 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-18 01:08:14.849 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 01:08:14.969 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 02:46:20.970 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 02:46:21.051 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 04:05:34.063 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 04:05:34.143 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 05:55:22.146 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 05:55:22.236 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 06:00:58.289 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-18 06:00:58.289 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-18 06:00:58.289 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-18 06:00:58.289 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-18 06:00:58.290 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-18 06:00:58.290 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-18 06:01:04.714 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-18 06:01:05.727 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-18 06:01:07.940 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 315684524032, \"freespace_total\": 315684524032, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 726497558528, \"freespace_total\": 726497558528, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 683671552, \"free_virtual\": 8498966528, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-11-18 06:01:07.942 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-18 07:54:10.237 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 07:54:10.319 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 09:12:29.331 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 09:12:29.414 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 10:39:41.273 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-18 10:39:41.379 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-18 10:39:41.380 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-18 10:39:42.390 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "386e9dbddd143de0a06e415d91d74529:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-18 10:39:42.391 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-18 10:39:42.391 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-18 10:39:42.538 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763480382
2025-11-18 10:39:42.538 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763480382
2025-11-18 10:39:42.538 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-18 10:39:42.539 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-18 10:39:42.539 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-18 11:13:05.416 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 11:13:05.499 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 12:38:35.500 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 12:38:35.581 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 14:02:17.583 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 14:02:17.664 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 14:54:08.781 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-18 14:54:08.990 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-18 14:54:08.990 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-18 14:54:10.001 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "4c96439b21e45bc05475ce4fececa6ee:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-18 14:54:10.001 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-18 14:54:10.001 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-18 14:54:10.162 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763495650
2025-11-18 14:54:10.162 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763495650
2025-11-18 14:54:10.162 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-18 14:54:10.163 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-18 14:54:10.163 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-18 16:02:53.863 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 16:02:53.946 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 17:54:29.948 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 17:54:30.049 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 19:01:06.050 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 19:01:06.132 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 20:20:18.133 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 20:20:18.216 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 20:52:46.082 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-18 20:52:46.285 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-18 20:52:46.285 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-18 20:52:46.475 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-18 20:52:46.517 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105037
2025-11-18 20:52:47.178 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105037
2025-11-18 20:52:47.178 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105037
2025-11-18 20:52:47.364 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-18 20:52:47.403 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-18 20:52:47.443 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-18 20:52:47.458 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-18 20:52:47.584 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-18 20:52:47.585 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-18 20:52:47.751 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-18 20:52:47.754 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-18 20:52:51.257 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "4c96439b21e45bc05475ce4fececa6ee:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-18 20:52:55.270 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "4c96439b21e45bc05475ce4fececa6ee:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-18 21:57:31.258 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 21:57:31.341 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-18 23:48:13.505 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-18 23:48:13.588 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 01:01:58.790 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-19 01:08:28.438 [60623] info on_nebula.cpp::handle Scan complete, duration: 390
2025-11-19 01:08:28.440 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-19 01:08:28.441 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 01:08:28.569 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 02:36:41.580 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 02:36:41.663 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 04:22:53.664 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 04:22:53.748 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 05:23:22.832 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-19 05:23:22.935 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-19 05:23:22.935 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-19 05:23:24.063 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "dd7ee62f3206120a812e9a41cbe8af08:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 05:23:24.063 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-19 05:23:24.063 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-19 05:23:24.214 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763547804
2025-11-19 05:23:24.214 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763547804
2025-11-19 05:23:24.214 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-19 05:23:24.215 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-19 05:23:24.215 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-19 05:37:29.713 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-19 05:37:29.836 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-19 05:37:29.836 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-19 05:37:31.865 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "ad7ec9b2324b8728aed3563b6722f33b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 05:37:31.865 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-19 05:37:31.865 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-19 05:37:31.966 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763548651
2025-11-19 05:37:31.966 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763548651
2025-11-19 05:37:31.966 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-19 05:37:31.967 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-19 05:37:31.967 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-19 06:00:59.759 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-19 06:00:59.759 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-19 06:00:59.759 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-19 06:00:59.759 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-19 06:00:59.759 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-19 06:00:59.760 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-19 06:01:06.201 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-19 06:01:07.213 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-19 06:01:09.389 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 314071416832, \"freespace_total\": 314071416832, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 725936328704, \"freespace_total\": 725936328704, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2618642432, \"free_virtual\": 8487432192, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-19 06:01:09.392 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-19 06:01:09.393 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 06:01:09.513 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 07:50:57.514 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 07:50:57.598 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 09:15:34.609 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 09:15:34.691 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 09:49:32.841 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-19 09:49:33.001 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-19 09:49:33.001 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-19 09:49:34.012 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "60fd38297f41b8361c944910b2a92f3e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 09:49:34.013 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-19 09:49:34.013 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-19 09:49:34.169 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763563774
2025-11-19 09:49:34.169 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763563774
2025-11-19 09:49:34.169 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-19 09:49:34.170 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-19 09:49:34.170 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-19 10:23:21.947 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-19 10:23:22.050 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-19 10:23:22.050 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-19 10:23:23.061 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "ea1c5ec2c32b1a7ed177c91f5eeb3946:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 10:23:23.061 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-19 10:23:23.061 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-19 10:23:23.207 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763565803
2025-11-19 10:23:23.207 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763565803
2025-11-19 10:23:23.207 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-19 10:23:23.208 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-19 10:23:23.208 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-19 11:12:34.691 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 11:12:34.773 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 12:19:10.775 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 12:19:10.856 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 13:27:34.858 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 13:27:34.938 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 13:38:35.085 [60623] info client.cpp::registerRefresh nebula client refresh success
2025-11-19 13:38:35.086 [60623] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2025-11-19 13:38:35.109 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 13:38:35.212 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 15:12:11.400 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 15:12:11.481 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 17:03:47.482 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 17:03:47.562 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 17:20:37.619 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-19 17:20:37.766 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-19 17:20:37.766 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-19 17:20:38.781 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "2123044fdcd57b50b0cab05d80f1adf5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 17:20:38.782 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-19 17:20:38.782 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-19 17:20:38.918 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763590838
2025-11-19 17:20:38.918 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763590838
2025-11-19 17:20:38.918 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-19 17:20:38.919 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-19 17:20:38.919 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-19 18:56:17.564 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 18:56:17.661 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 20:52:51.818 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-19 20:52:51.985 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-19 20:52:51.985 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-19 20:52:52.187 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-19 20:52:52.233 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105069
2025-11-19 20:52:52.892 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105069
2025-11-19 20:52:52.892 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105069
2025-11-19 20:52:52.913 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-19 20:52:53.085 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-19 20:52:53.122 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-19 20:52:53.161 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-19 20:52:53.199 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-19 20:52:53.199 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-19 20:52:53.347 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-19 20:52:53.349 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-19 20:52:54.766 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "2123044fdcd57b50b0cab05d80f1adf5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 20:52:58.780 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "2123044fdcd57b50b0cab05d80f1adf5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-19 20:55:05.663 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 20:55:05.745 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 22:15:11.943 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 22:15:12.025 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-19 23:56:00.026 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-19 23:56:00.114 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 01:14:19.126 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 01:14:19.209 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 02:53:19.210 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 02:53:19.292 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 04:20:37.293 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 04:20:37.373 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 06:00:59.333 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-20 06:00:59.337 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-20 06:00:59.337 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-20 06:00:59.337 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-20 06:00:59.338 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-20 06:00:59.341 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-20 06:01:05.524 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-20 06:01:06.536 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-20 06:01:09.716 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 312253743104, \"freespace_total\": 312253743104, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 725387128832, \"freespace_total\": 725387128832, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3198046208, \"free_virtual\": 8488480768, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-20 06:01:09.719 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-20 06:14:02.385 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 06:14:02.487 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 06:19:57.401 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-20 06:19:57.502 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-20 06:19:57.502 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-20 06:19:58.512 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "aee5b24f11e3e032964cbc7ee34e07e9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-20 06:19:58.513 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-20 06:19:58.513 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-20 06:19:58.656 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763637598
2025-11-20 06:19:58.657 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763637598
2025-11-20 06:19:58.657 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-20 06:19:58.657 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-20 06:19:58.657 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-20 08:01:08.489 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 08:01:08.570 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 08:46:39.619 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-20 08:46:39.792 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-20 08:46:39.792 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-20 08:46:39.803 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "901fc2e42ac085b9d748b613d26d4790:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-20 08:46:39.804 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-20 08:46:39.804 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-20 08:46:39.897 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763646399
2025-11-20 08:46:39.897 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763646399
2025-11-20 08:46:39.897 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-20 08:46:39.898 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-20 08:46:39.898 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-20 09:26:38.571 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 09:26:38.652 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 11:10:08.847 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 11:10:08.933 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 12:55:26.935 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 12:55:27.018 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 14:39:51.019 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 14:39:51.105 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 15:44:39.106 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 15:44:39.188 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 17:28:10.204 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 17:28:10.340 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 19:13:29.359 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 19:13:29.462 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 20:52:57.651 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-20 20:52:57.861 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-20 20:52:57.861 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-20 20:52:58.036 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-20 20:52:58.085 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105095
2025-11-20 20:52:58.540 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105095
2025-11-20 20:52:58.541 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105095
2025-11-20 20:52:58.556 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-20 20:52:58.595 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-20 20:52:58.629 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-20 20:52:58.634 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-20 20:52:58.745 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-20 20:52:58.746 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-20 20:52:58.876 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-20 20:52:58.877 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-20 20:53:01.568 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "901fc2e42ac085b9d748b613d26d4790:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-20 20:53:05.581 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "901fc2e42ac085b9d748b613d26d4790:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "443239e028b6d7daddd09b27bdfeaf5c", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "e2eb8d13355cc2dfd8c8a5181309088d", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-20 21:10:30.475 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 21:10:30.557 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-20 22:47:43.571 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-20 22:47:43.652 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 00:05:00.139 [60623] info client.cpp::callSync []
2025-11-21 00:05:00.258 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-21 00:05:00.258 [60623] info client.cpp::syncSchedules Schedule store has been updated: 4190631428572617068
2025-11-21 00:05:01.267 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "901fc2e42ac085b9d748b613d26d4790:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-21 00:05:01.401 [60623] info client.cpp::syncExclusions Updated exclusions: 7b66c606febb5225b081b24d5a33bd26
2025-11-21 00:05:01.401 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 7b66c606febb5225b081b24d5a33bd26
2025-11-21 00:05:01.401 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-21 00:05:01.402 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-21 00:05:01.402 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-21 00:05:01.404 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 00:05:01.485 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 01:02:00.561 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-21 01:09:11.153 [60623] info on_nebula.cpp::handle Scan complete, duration: 431
2025-11-21 01:09:11.154 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-21 01:09:11.155 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 01:09:11.291 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 02:32:00.307 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 02:32:00.397 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 03:54:49.410 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 03:54:49.523 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 05:42:51.005 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 05:42:52.482 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 06:01:00.520 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-21 06:01:00.520 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-21 06:01:00.520 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-21 06:01:00.520 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-21 06:01:00.521 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-21 06:01:00.522 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-21 06:01:06.581 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-21 06:01:07.593 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-21 06:01:10.783 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 309231935488, \"freespace_total\": 309231935488, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 724804136960, \"freespace_total\": 724804136960, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2949632000, \"free_virtual\": 8489267200, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-21 06:01:10.785 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-21 07:29:04.483 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 07:29:04.565 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 09:13:29.582 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 09:13:29.663 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 10:12:53.373 [60623] info client.cpp::sync Command received : event.machine.sync
2025-11-21 10:12:53.458 [60623] error client.cpp::sync ParseError at /src/nebula/client.cpp:708 ()
2025-11-21 10:21:53.665 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 10:21:53.795 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 11:56:23.796 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 11:56:23.878 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 13:56:59.880 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 13:56:59.964 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 15:32:23.966 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 15:32:24.064 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 17:17:42.065 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 17:17:42.164 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 18:25:12.165 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 18:25:12.250 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 20:24:54.251 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 20:24:54.347 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 20:53:03.617 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-21 20:53:03.824 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-21 20:53:03.824 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-21 20:53:04.032 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-21 20:53:04.080 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105125
2025-11-21 20:53:04.573 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105125
2025-11-21 20:53:04.573 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105125
2025-11-21 20:53:04.595 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-21 20:53:04.631 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-21 20:53:04.647 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-21 20:53:04.689 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-21 20:53:04.750 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-21 20:53:04.751 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-21 20:53:04.895 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-21 20:53:04.897 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-21 20:53:05.412 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "901fc2e42ac085b9d748b613d26d4790:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-21 20:53:17.454 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "901fc2e42ac085b9d748b613d26d4790:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-21 22:02:05.948 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 22:02:06.030 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-21 23:28:31.446 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-21 23:28:31.528 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 00:30:37.529 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 00:30:37.610 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 00:56:27.616 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-22 00:56:27.768 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-22 00:56:27.768 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-22 00:56:28.780 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "8250dcfcc9c44d0638fbc279cb2cea7b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-22 00:56:28.780 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-22 00:56:28.780 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-22 00:56:28.921 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763790988
2025-11-22 00:56:28.921 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763790988
2025-11-22 00:56:28.921 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-22 00:56:28.923 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-22 00:56:28.923 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-22 01:39:01.611 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 01:39:01.693 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 03:01:49.693 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 03:01:49.792 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 04:19:14.802 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 04:19:14.890 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 06:00:56.892 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 06:00:56.983 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 06:01:01.004 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-22 06:01:01.004 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-22 06:01:01.004 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-22 06:01:01.004 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-22 06:01:01.005 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-22 06:01:01.005 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-22 06:01:07.072 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-22 06:01:08.085 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-22 06:01:11.299 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 308048277504, \"freespace_total\": 308048277504, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 724245209088, \"freespace_total\": 724245209088, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3878678528, \"free_virtual\": 8238133248, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-22 06:01:11.302 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-22 07:36:21.201 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 07:36:21.302 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 09:23:27.303 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 09:23:27.404 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 10:56:09.788 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 10:56:09.870 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 12:26:09.872 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 12:26:09.952 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 14:24:57.954 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 14:24:58.034 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 16:10:16.036 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 16:10:16.143 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 18:07:16.145 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 18:07:16.239 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 18:26:24.583 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-22 18:26:25.121 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-22 18:26:25.121 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-22 18:26:26.136 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "67756e42218f45cede39966df35f3a32:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-22 18:26:26.137 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-22 18:26:26.137 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-22 18:26:26.279 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763853986
2025-11-22 18:26:26.279 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763853986
2025-11-22 18:26:26.279 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-22 18:26:26.290 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-22 18:26:26.290 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-22 19:25:34.256 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 19:25:34.359 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 20:53:09.441 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-22 20:53:09.650 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-22 20:53:09.650 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-22 20:53:09.866 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-22 20:53:10.169 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105143
2025-11-22 20:53:10.631 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105143
2025-11-22 20:53:10.631 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105143
2025-11-22 20:53:10.827 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-22 20:53:10.866 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-22 20:53:10.881 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-22 20:53:10.916 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-22 20:53:11.026 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-22 20:53:11.026 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-22 20:53:11.196 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-22 20:53:11.197 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-22 20:53:13.437 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "67756e42218f45cede39966df35f3a32:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-22 20:53:25.479 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "67756e42218f45cede39966df35f3a32:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-22 20:57:22.376 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 20:57:22.459 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-22 21:12:20.297 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-22 21:12:20.399 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-22 21:12:20.399 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-22 21:12:21.410 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "7df3e3ea27b2fe6e42c86d1239aca84d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-22 21:12:21.411 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-22 21:12:21.411 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-22 21:12:21.548 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763863941
2025-11-22 21:12:21.549 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763863941
2025-11-22 21:12:21.549 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-22 21:12:21.549 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-22 21:12:21.549 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-22 22:16:34.457 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-22 22:16:34.546 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 00:01:52.551 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 00:01:52.634 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 01:02:00.987 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-23 01:08:57.809 [60623] info on_nebula.cpp::handle Scan complete, duration: 417
2025-11-23 01:08:57.810 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-23 01:08:57.812 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 01:08:57.952 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 02:47:03.954 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 02:47:04.055 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 03:57:16.276 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 03:57:16.359 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 05:48:52.584 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 05:48:52.669 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 06:01:00.794 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-23 06:01:00.794 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-23 06:01:00.794 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-23 06:01:00.795 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-23 06:01:00.795 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-23 06:01:00.803 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-23 06:01:06.860 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-23 06:01:07.875 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-23 06:01:11.078 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 303278997504, \"freespace_total\": 303278997504, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 723651674112, \"freespace_total\": 723651674112, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2629963776, \"free_virtual\": 8310484992, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-23 06:01:11.082 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-23 06:50:59.681 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 06:50:59.764 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 08:17:13.118 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-23 08:17:13.242 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-23 08:17:13.243 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-23 08:17:14.255 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "89d9c848caf373c994f4ea88ad4cd506:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-23 08:17:14.256 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-23 08:17:14.256 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-23 08:17:14.398 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763903834
2025-11-23 08:17:14.398 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763903834
2025-11-23 08:17:14.398 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-23 08:17:14.399 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-23 08:17:14.399 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-23 08:41:41.780 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 08:41:41.910 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 09:44:41.911 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 09:44:42.004 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 10:59:24.021 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 10:59:24.123 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 12:49:12.125 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 12:49:12.226 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 13:28:29.376 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-23 13:28:29.534 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-23 13:28:29.534 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-23 13:28:30.547 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "5357336718c1b169a294126b27dee70d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-23 13:28:30.548 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-23 13:28:30.548 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-23 13:28:30.692 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1763922510
2025-11-23 13:28:30.692 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1763922510
2025-11-23 13:28:30.692 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-23 13:28:30.693 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-23 13:28:30.693 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-23 14:27:18.228 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 14:27:18.319 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 16:22:30.321 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 16:22:30.405 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 18:06:54.406 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 18:06:54.493 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 19:29:42.494 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 19:29:42.576 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 20:53:15.657 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-23 20:53:15.814 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-23 20:53:15.814 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-23 20:53:16.237 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-23 20:53:16.285 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105157
2025-11-23 20:53:16.745 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105157
2025-11-23 20:53:16.746 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105157
2025-11-23 20:53:16.969 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-23 20:53:17.039 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-23 20:53:17.051 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-23 20:53:17.085 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-23 20:53:17.206 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-23 20:53:17.206 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-23 20:53:17.360 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-23 20:53:17.362 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-23 21:28:30.578 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 21:28:30.704 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 22:36:00.707 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 22:36:00.809 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-23 23:51:37.826 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-23 23:51:37.926 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 01:16:13.927 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 01:16:14.010 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 02:54:21.023 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 02:54:21.151 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 04:31:33.163 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 04:31:33.245 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 05:51:39.248 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 05:51:39.359 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 06:00:59.434 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-24 06:00:59.434 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-24 06:00:59.434 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-24 06:00:59.434 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-24 06:00:59.434 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-24 06:00:59.435 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-24 06:01:05.887 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-24 06:01:06.902 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-24 06:01:10.197 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 319800487936, \"freespace_total\": 319800487936, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 723075690496, \"freespace_total\": 723075690496, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1381048320, \"free_virtual\": 8342204416, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-24 06:01:10.200 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-24 07:45:04.374 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 07:45:04.456 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 08:49:53.468 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 08:49:53.550 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 10:07:17.551 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 10:07:17.631 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 11:58:53.633 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 11:58:53.714 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 13:54:59.716 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 13:54:59.800 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 15:02:30.811 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 15:02:30.893 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 16:37:54.895 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 16:37:55.012 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 18:25:01.209 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 18:25:01.297 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 19:25:20.309 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 19:25:20.391 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 20:53:22.331 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-24 20:53:22.578 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-24 20:53:22.578 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-24 20:53:22.782 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-24 20:53:22.963 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105193
2025-11-24 20:53:23.541 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105193
2025-11-24 20:53:23.541 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105193
2025-11-24 20:53:23.556 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-24 20:53:23.564 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-24 20:53:23.618 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-24 20:53:23.683 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-24 20:53:23.715 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-24 20:53:23.715 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-24 20:53:23.864 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-24 20:53:23.865 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-24 21:01:38.392 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 21:01:38.478 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-24 22:56:50.480 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-24 22:56:50.563 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 00:17:50.569 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 00:17:50.660 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 01:02:00.677 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-25 01:08:47.502 [60623] info on_nebula.cpp::handle Scan complete, duration: 407
2025-11-25 01:08:47.504 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-25 01:08:47.505 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 01:08:47.592 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 02:38:47.595 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 02:38:47.677 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 03:40:00.696 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 03:40:00.786 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 04:55:36.787 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 04:55:36.869 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 06:01:00.188 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-25 06:01:00.188 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-25 06:01:00.189 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-25 06:01:00.189 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-25 06:01:00.189 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-25 06:01:00.191 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-25 06:01:06.248 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-25 06:01:06.260 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-25 06:01:09.468 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 316325232640, \"freespace_total\": 316325232640, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 722455937024, \"freespace_total\": 722455937024, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1802240000, \"free_virtual\": 8327786496, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-25 06:01:09.470 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-25 06:47:12.869 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 06:47:12.951 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 08:13:36.947 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 08:13:37.032 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 09:16:38.043 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 09:16:38.124 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 10:40:20.125 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 10:40:20.208 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 11:47:51.222 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 11:47:51.322 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 12:04:17.257 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-25 12:04:17.386 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-25 12:04:17.388 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-25 12:04:18.406 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "421895c2aa1f08b6382dbc9a47e6152c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-25 12:04:18.407 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-25 12:04:18.408 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-25 12:04:18.500 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764090258
2025-11-25 12:04:18.500 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764090258
2025-11-25 12:04:18.500 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-25 12:04:18.502 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-25 12:04:18.502 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-25 12:58:58.339 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 12:58:58.449 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 14:42:28.450 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 14:42:28.533 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 16:11:34.534 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 16:11:34.624 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 17:26:16.626 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 17:26:16.708 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 18:51:46.710 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 18:51:46.792 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 20:24:29.805 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 20:24:29.902 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 20:53:28.506 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-25 20:53:28.678 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-25 20:53:28.678 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-25 20:53:28.880 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-25 20:53:29.048 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105219
2025-11-25 20:53:29.621 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105219
2025-11-25 20:53:29.621 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105219
2025-11-25 20:53:29.819 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-25 20:53:29.857 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-25 20:53:29.877 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-25 20:53:29.899 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-25 20:53:30.009 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-25 20:53:30.009 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-25 20:53:30.153 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-25 20:53:30.155 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-25 21:50:54.049 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 21:50:54.149 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-25 23:29:54.214 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-25 23:29:54.314 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 00:58:07.318 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 00:58:07.399 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 01:01:59.457 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-26 01:08:17.540 [60623] info on_nebula.cpp::handle Scan complete, duration: 378
2025-11-26 01:08:17.541 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-26 01:08:17.542 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 01:08:17.678 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 02:42:48.691 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 02:42:48.794 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 04:11:55.806 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 04:11:55.903 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 05:36:33.404 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 05:36:39.008 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 07:21:57.009 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 07:21:57.094 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 08:13:32.378 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-26 08:13:32.532 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-26 08:13:32.533 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-26 08:13:33.545 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "6c811c785873fd6243233e9c6580233e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-26 08:13:33.546 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-26 08:13:33.547 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-26 08:13:33.727 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764162813
2025-11-26 08:13:33.727 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764162813
2025-11-26 08:13:33.727 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-26 08:13:33.728 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-26 08:13:33.728 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-26 09:13:34.106 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 09:13:34.190 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 10:19:16.191 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 10:19:16.275 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 11:33:04.277 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 11:33:04.376 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 12:42:57.365 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-26 12:42:57.492 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-26 12:42:57.492 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-26 12:42:58.503 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "1f7a82e66a45099189f5bbb94453914a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-26 12:42:58.504 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-26 12:42:58.504 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-26 12:42:58.630 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764178978
2025-11-26 12:42:58.631 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764178978
2025-11-26 12:42:58.631 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-26 12:42:58.632 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-26 12:42:58.632 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-26 13:28:17.392 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 13:28:17.473 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 14:49:17.476 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 14:49:17.573 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 16:03:59.774 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 16:03:59.856 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 17:58:17.858 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 17:58:17.943 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 19:19:18.146 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 19:19:18.230 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 20:31:19.243 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 20:31:19.372 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 20:53:35.106 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-26 20:53:35.279 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-26 20:53:35.279 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-26 20:53:35.502 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-26 20:53:35.548 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105249
2025-11-26 20:53:36.024 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105249
2025-11-26 20:53:36.024 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105249
2025-11-26 20:53:36.040 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-26 20:53:36.082 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-26 20:53:36.242 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-26 20:53:36.283 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-26 20:53:36.380 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-26 20:53:36.380 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-26 20:53:36.504 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-26 20:53:36.505 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-26 20:53:37.528 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "1f7a82e66a45099189f5bbb94453914a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-26 20:53:40.542 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "1f7a82e66a45099189f5bbb94453914a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-26 21:56:49.093 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 21:56:49.175 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-26 22:02:34.152 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-26 22:02:34.273 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-26 22:02:34.273 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-26 22:02:35.284 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "8cf37d53c6acfa242fb50190eb624185:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-26 22:02:35.285 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-26 22:02:35.285 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-26 22:02:35.431 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764212555
2025-11-26 22:02:35.431 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764212555
2025-11-26 22:02:35.431 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-26 22:02:35.432 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-26 22:02:35.432 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-26 23:16:01.451 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-26 23:16:01.533 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 00:49:37.536 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 00:49:37.649 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 01:01:59.828 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-27 01:08:31.158 [60623] info on_nebula.cpp::handle Scan complete, duration: 392
2025-11-27 01:08:31.160 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-27 01:08:31.161 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 01:08:31.283 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 02:41:14.299 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 02:41:14.382 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 04:13:03.396 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 04:13:03.499 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 05:57:27.515 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 05:57:27.634 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 07:13:58.648 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 07:13:58.752 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 08:58:59.173 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-27 08:58:59.317 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-27 08:58:59.317 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-27 08:59:00.331 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "16089d3883909004e0e1ccc7bca708a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-27 08:59:00.332 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-27 08:59:00.332 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-27 08:59:00.444 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764251940
2025-11-27 08:59:00.444 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764251940
2025-11-27 08:59:00.444 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-27 08:59:00.445 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-27 08:59:00.446 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-27 08:59:16.754 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 08:59:16.836 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 10:32:52.838 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 10:32:52.919 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 11:48:28.921 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 11:48:29.025 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 13:41:53.026 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 13:41:53.127 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 14:48:29.128 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 14:48:29.211 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 16:32:53.213 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 16:32:53.300 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 17:52:05.875 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 17:52:05.958 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 19:48:11.959 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 19:48:12.061 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 20:53:41.233 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-27 20:53:41.410 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-27 20:53:41.410 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-27 20:53:41.775 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-27 20:53:41.967 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105267
2025-11-27 20:53:42.462 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105267
2025-11-27 20:53:42.463 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105267
2025-11-27 20:53:42.665 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-27 20:53:42.704 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-27 20:53:42.744 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-27 20:53:42.763 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-27 20:53:42.891 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-27 20:53:42.891 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-27 20:53:43.016 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-27 20:53:43.018 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-27 20:53:46.258 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "16089d3883909004e0e1ccc7bca708a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-27 20:53:50.272 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "16089d3883909004e0e1ccc7bca708a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-27 21:12:49.074 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 21:12:49.180 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-27 22:55:25.205 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-27 22:55:25.290 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 00:46:14.332 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-28 00:46:14.479 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-28 00:46:14.479 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-28 00:46:15.490 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d605b17c106027b2ff74a39db9a85f49:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-28 00:46:15.490 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-28 00:46:15.490 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-28 00:46:15.644 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764308775
2025-11-28 00:46:15.644 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764308775
2025-11-28 00:46:15.644 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-28 00:46:15.645 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-28 00:46:15.645 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-28 00:47:55.292 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 00:47:55.374 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 01:02:00.501 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-28 01:08:41.601 [60623] info on_nebula.cpp::handle Scan complete, duration: 401
2025-11-28 01:08:41.603 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-28 01:08:41.604 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 01:08:41.718 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 03:02:59.720 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 03:02:59.804 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 04:59:05.806 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 04:59:05.891 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 06:00:17.894 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 06:00:17.980 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 06:00:59.149 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-28 06:00:59.149 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-28 06:00:59.149 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-28 06:00:59.149 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-28 06:00:59.150 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-28 06:00:59.150 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-28 06:01:05.211 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-28 06:01:06.224 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-28 06:01:09.414 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 310333796352, \"freespace_total\": 310333796352, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 720737857536, \"freespace_total\": 720737857536, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 700633088, \"free_virtual\": 8365273088, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-11-28 06:01:09.417 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-28 07:48:17.981 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 07:48:18.064 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 09:27:19.077 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 09:27:19.161 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 10:45:38.173 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 10:45:38.254 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 12:36:20.271 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 12:36:20.372 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 14:15:21.386 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 14:15:21.477 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 16:08:46.490 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 16:08:46.571 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 17:54:58.572 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 17:54:58.671 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 19:45:40.672 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 19:45:40.754 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 20:53:47.383 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-28 20:53:47.579 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-28 20:53:47.579 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-28 20:53:47.802 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-28 20:53:47.913 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105285
2025-11-28 20:53:48.521 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105285
2025-11-28 20:53:48.521 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105285
2025-11-28 20:53:48.749 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-28 20:53:48.752 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-28 20:53:48.791 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-28 20:53:48.831 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-28 20:53:48.881 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-28 20:53:48.882 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-28 20:53:48.905 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d605b17c106027b2ff74a39db9a85f49:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-28 20:53:49.040 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-28 20:53:49.042 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-28 20:53:56.937 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d605b17c106027b2ff74a39db9a85f49:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-28 21:00:23.766 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 21:00:23.849 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 22:05:11.851 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 22:05:11.933 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-28 23:39:41.934 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-28 23:39:42.017 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 00:49:54.019 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 00:49:54.104 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 01:02:00.403 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-29 01:08:51.401 [60623] info on_nebula.cpp::handle Scan complete, duration: 411
2025-11-29 01:08:51.402 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-29 01:08:51.403 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 01:08:51.520 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 03:02:15.522 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 03:02:15.606 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 04:12:27.607 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 04:12:27.693 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 05:26:16.710 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 05:26:16.799 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 06:01:00.920 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-29 06:01:00.920 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-29 06:01:00.920 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-29 06:01:00.920 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-29 06:01:00.921 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-29 06:01:00.921 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-29 06:01:07.370 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-29 06:01:08.382 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-29 06:01:11.591 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 307310329856, \"freespace_total\": 307310329856, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 720211271680, \"freespace_total\": 720211271680, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3222220800, \"free_virtual\": 8326164480, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-29 06:01:11.593 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-29 06:33:47.015 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 06:33:47.114 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 07:38:35.115 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 07:38:35.198 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 09:05:53.199 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 09:05:53.280 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 10:33:11.282 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 10:33:11.385 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 11:33:30.398 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 11:33:30.478 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 13:23:18.480 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 13:23:18.562 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 14:30:49.574 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 14:30:49.669 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 15:54:31.864 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 15:54:31.957 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 17:51:31.958 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 17:51:32.059 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 19:37:44.061 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 19:37:44.170 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 20:53:53.350 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-29 20:53:53.551 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-29 20:53:53.551 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-29 20:53:53.776 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-29 20:53:53.908 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105299
2025-11-29 20:53:54.509 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105299
2025-11-29 20:53:54.510 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105299
2025-11-29 20:53:54.513 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-29 20:53:54.554 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-29 20:53:54.605 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-29 20:53:54.613 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-29 20:53:54.748 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-29 20:53:54.748 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-29 20:53:54.908 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-29 20:53:54.912 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-29 20:53:58.533 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d605b17c106027b2ff74a39db9a85f49:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-29 20:54:02.551 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d605b17c106027b2ff74a39db9a85f49:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-29 21:12:15.183 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 21:12:15.263 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-29 22:18:52.277 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-29 22:18:52.375 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 00:17:41.387 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 00:17:41.470 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 01:01:59.714 [60623] info on_nebula.cpp::handle Performing threat scan
2025-11-30 01:08:06.301 [60623] info on_nebula.cpp::handle Scan complete, duration: 367
2025-11-30 01:08:06.304 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-30 01:08:06.305 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 01:08:06.430 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 02:46:12.632 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 02:46:12.736 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 04:45:00.737 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 04:45:00.837 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 06:01:00.930 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-11-30 06:01:00.930 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-11-30 06:01:00.930 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-11-30 06:01:00.930 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-30 06:01:00.931 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-11-30 06:01:00.931 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-11-30 06:01:07.362 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-11-30 06:01:08.374 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-11-30 06:01:10.618 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 303815061504, \"freespace_total\": 303815061504, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 719668887552, \"freespace_total\": 719668887552, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3812478976, \"free_virtual\": 8368586752, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-11-30 06:01:10.622 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-11-30 06:43:48.838 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 06:43:48.932 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 08:07:30.934 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 08:07:31.017 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 08:34:21.188 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-30 08:34:21.327 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-30 08:34:21.327 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-30 08:34:22.948 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "5eb824af3dab5919eee6686a8f28e36e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-30 08:34:22.949 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-30 08:34:22.958 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-30 08:34:23.099 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764509662
2025-11-30 08:34:23.099 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764509662
2025-11-30 08:34:23.099 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-30 08:34:23.102 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-30 08:34:23.102 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-30 09:23:07.406 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 09:23:07.487 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 09:40:34.792 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-30 09:40:34.888 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-30 09:40:34.888 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-30 09:40:35.958 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "6fbe7a0f3171daa1be4c19fc99d060d1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-30 09:40:35.958 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-30 09:40:35.958 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-30 09:40:36.092 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764513635
2025-11-30 09:40:36.092 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764513635
2025-11-30 09:40:36.092 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-30 09:40:36.093 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-30 09:40:36.093 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-30 10:49:31.488 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 10:49:31.572 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 12:22:13.944 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 12:22:14.041 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 13:52:14.042 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 13:52:14.145 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 15:25:50.147 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 15:25:50.227 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 16:35:08.229 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 16:35:08.330 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 16:50:08.476 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-11-30 16:50:08.583 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-11-30 16:50:08.583 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-11-30 16:50:09.594 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "67c7a5d4b944ae7b5eddb72c1b6cc18f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-30 16:50:09.595 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-11-30 16:50:09.595 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-11-30 16:50:09.743 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764539409
2025-11-30 16:50:09.743 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764539409
2025-11-30 16:50:09.743 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-11-30 16:50:09.743 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-11-30 16:50:09.743 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-11-30 17:50:44.331 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 17:50:44.412 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 19:17:08.413 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 19:17:08.497 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 20:52:32.499 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 20:52:32.585 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-11-30 20:53:59.603 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-30 20:53:59.811 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-11-30 20:53:59.811 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-11-30 20:54:00.026 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-11-30 20:54:00.212 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105325
2025-11-30 20:54:00.866 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105325
2025-11-30 20:54:00.866 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105325
2025-11-30 20:54:01.060 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-11-30 20:54:01.105 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-11-30 20:54:01.108 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-11-30 20:54:01.166 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-11-30 20:54:01.245 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-11-30 20:54:01.733 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-11-30 20:54:01.733 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "67c7a5d4b944ae7b5eddb72c1b6cc18f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-30 20:54:01.884 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-11-30 20:54:01.886 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-11-30 20:54:05.748 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "67c7a5d4b944ae7b5eddb72c1b6cc18f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-11-30 22:18:03.597 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-11-30 22:18:03.681 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 00:07:51.682 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 00:07:51.763 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 01:01:59.789 [60623] info on_nebula.cpp::handle Performing threat scan
2025-12-01 01:08:49.679 [60623] info on_nebula.cpp::handle Scan complete, duration: 410
2025-12-01 01:08:49.681 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-12-01 01:08:49.682 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 01:08:49.804 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 02:43:20.816 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 02:43:20.902 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 04:06:09.119 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 04:06:09.202 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 06:01:00.326 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-01 06:01:00.326 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-01 06:01:00.326 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-01 06:01:00.326 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-01 06:01:00.327 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-01 06:01:00.327 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-01 06:01:06.785 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-01 06:01:07.797 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-01 06:01:10.999 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 317419438080, \"freespace_total\": 317419438080, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 719162613760, \"freespace_total\": 719162613760, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2341687296, \"free_virtual\": 8374693888, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-01 06:01:11.001 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-12-01 06:06:46.215 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 06:06:46.317 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 08:03:46.318 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 08:03:46.398 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 09:27:28.400 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 09:27:28.504 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 11:11:52.506 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 11:11:52.592 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 12:48:10.594 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 12:48:10.675 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 14:18:11.688 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 14:18:11.788 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 14:54:15.120 [60623] info client.cpp::callSync []
2025-12-01 14:54:16.235 [60623] info client.cpp::syncExclusions Updated exclusions: 89d072ee134c86625792aa5f503146b1
2025-12-01 14:54:16.235 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 89d072ee134c86625792aa5f503146b1
2025-12-01 14:54:16.235 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-01 14:54:16.238 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-01 14:54:16.238 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-01 14:54:16.241 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 14:54:16.323 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 15:03:26.670 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-12-01 15:03:26.776 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-01 15:03:26.776 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-01 15:03:28.165 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "7e69281170a771326a0e501e274852ec:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-01 15:03:28.166 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-01 15:03:28.166 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-01 15:03:28.318 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764619408
2025-12-01 15:03:28.319 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764619408
2025-12-01 15:03:28.319 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-01 15:03:28.319 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-01 15:03:28.320 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-01 16:49:28.325 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 16:49:28.407 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 18:01:28.607 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 18:01:28.691 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 19:21:34.903 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 19:21:34.986 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 20:22:46.987 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 20:22:47.075 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 20:54:06.477 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-01 20:54:06.664 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-01 20:54:06.664 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-01 20:54:06.845 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-01 20:54:06.890 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105363
2025-12-01 20:54:07.376 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105363
2025-12-01 20:54:07.376 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105363
2025-12-01 20:54:07.391 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-01 20:54:07.431 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-01 20:54:07.456 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-01 20:54:07.481 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-01 20:54:07.587 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-01 20:54:07.588 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-01 20:54:07.742 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-01 20:54:07.743 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-01 20:54:08.237 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "7e69281170a771326a0e501e274852ec:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-01 20:54:12.253 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "7e69281170a771326a0e501e274852ec:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-01 21:31:11.267 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 21:31:11.364 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-01 23:15:35.378 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-01 23:15:35.463 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 00:22:11.465 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 00:22:11.569 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 01:01:58.615 [60623] info on_nebula.cpp::handle Performing threat scan
2025-12-02 01:08:05.018 [60623] info on_nebula.cpp::handle Scan complete, duration: 367
2025-12-02 01:08:05.020 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-12-02 01:08:05.021 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 01:08:05.147 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 02:47:06.159 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 02:47:06.260 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 04:04:30.262 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 04:04:30.359 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 05:49:48.803 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 05:49:48.892 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 07:24:18.894 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 07:24:18.974 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 09:00:37.181 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 09:00:37.282 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 10:41:25.284 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 10:41:25.375 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 12:18:38.389 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 12:18:38.479 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 13:38:37.777 [60623] info client.cpp::registerRefresh nebula client refresh success
2025-12-02 13:38:37.779 [60623] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2025-12-02 13:38:37.803 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 13:38:37.903 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 14:45:40.139 [60623] info client.cpp::callSync []
2025-12-02 14:45:41.246 [60623] info client.cpp::syncExclusions Updated exclusions: d5a8e867f9d79996f3a83bb60afb16be
2025-12-02 14:45:41.246 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: d5a8e867f9d79996f3a83bb60afb16be
2025-12-02 14:45:41.246 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-02 14:45:41.248 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-02 14:45:41.248 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-02 14:45:41.251 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 14:45:41.335 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 16:39:05.526 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 16:39:05.609 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 17:42:06.623 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 17:42:06.729 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 19:29:12.731 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 19:29:12.816 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 20:54:12.332 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-02 20:54:12.504 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-02 20:54:12.504 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-02 20:54:12.706 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-02 20:54:12.753 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105387
2025-12-02 20:54:13.270 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105387
2025-12-02 20:54:13.270 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105387
2025-12-02 20:54:13.287 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-02 20:54:13.327 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-02 20:54:13.360 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-02 20:54:13.368 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-02 20:54:13.485 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-02 20:54:13.485 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-02 20:54:13.610 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-02 20:54:13.612 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-02 21:10:54.817 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 21:10:54.903 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 22:22:54.905 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 22:22:55.006 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-02 23:15:42.585 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-12-02 23:15:42.690 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-02 23:15:42.690 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-02 23:15:43.701 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "b1f0347144ce0269e9ff625e82a0a5db:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-02 23:15:43.702 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-02 23:15:43.702 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-02 23:15:43.844 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764735343
2025-12-02 23:15:43.844 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764735343
2025-12-02 23:15:43.844 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-02 23:15:43.844 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-02 23:15:43.844 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-02 23:45:43.007 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-02 23:45:43.089 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 01:02:00.252 [60623] info on_nebula.cpp::handle Performing threat scan
2025-12-03 01:08:35.954 [60623] info on_nebula.cpp::handle Scan complete, duration: 395
2025-12-03 01:08:35.955 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-12-03 01:08:35.956 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 01:08:36.076 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 03:08:18.075 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 03:08:18.156 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 04:14:54.157 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 04:14:54.252 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 06:01:00.475 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-03 06:01:00.476 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-03 06:01:00.476 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-03 06:01:00.476 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-03 06:01:00.477 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-03 06:01:00.477 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-03 06:01:06.944 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-03 06:01:07.957 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-03 06:01:11.151 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 313938481152, \"freespace_total\": 313938481152, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 718134792192, \"freespace_total\": 718134792192, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1285795840, \"free_virtual\": 8385196032, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-03 06:01:11.156 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-12-03 06:09:12.253 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 06:09:12.334 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 07:33:49.348 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 07:33:49.447 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 08:39:32.459 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 08:39:32.562 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 10:29:20.563 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 10:29:20.655 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 11:29:43.679 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-12-03 11:29:43.781 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-03 11:29:43.782 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-03 11:29:44.794 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "47c76b317282564550ea2dd9e54adc41:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-03 11:29:44.794 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-03 11:29:44.794 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-03 11:29:44.908 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764779384
2025-12-03 11:29:44.908 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764779384
2025-12-03 11:29:44.908 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-03 11:29:44.909 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-03 11:29:44.909 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-03 12:03:50.656 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 12:03:50.738 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 12:42:01.832 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-12-03 12:42:02.970 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-03 12:42:02.970 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-03 12:42:03.981 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d2d4a095e3b31836f3a271aa870f3226:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-03 12:42:03.981 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-03 12:42:03.981 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-03 12:42:04.121 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764783723
2025-12-03 12:42:04.121 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764783723
2025-12-03 12:42:04.121 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-03 12:42:04.121 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-03 12:42:04.122 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-03 13:57:15.750 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 13:57:15.834 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 15:38:57.836 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 15:38:57.936 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 17:38:39.937 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 17:38:40.026 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 18:46:10.028 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 18:46:10.137 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 20:39:35.154 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 20:39:35.235 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 20:54:17.760 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-03 20:54:17.957 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-03 20:54:17.957 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-03 20:54:18.189 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-03 20:54:18.362 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105413
2025-12-03 20:54:18.973 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105413
2025-12-03 20:54:18.973 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105413
2025-12-03 20:54:18.989 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-03 20:54:19.008 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-03 20:54:19.029 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-03 20:54:19.172 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-03 20:54:19.301 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-03 20:54:19.301 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-03 20:54:19.424 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-03 20:54:19.427 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-03 20:54:21.321 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d2d4a095e3b31836f3a271aa870f3226:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-03 20:54:25.339 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "d2d4a095e3b31836f3a271aa870f3226:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-03 21:58:46.419 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 21:58:46.500 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-03 23:13:56.698 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-12-03 23:13:56.830 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-03 23:13:56.830 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-03 23:13:57.842 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "05ce001022672f80267d346322768161:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-03 23:13:57.842 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-03 23:13:57.842 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-03 23:13:57.947 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764821637
2025-12-03 23:13:57.947 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764821637
2025-12-03 23:13:57.947 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-03 23:13:57.948 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-03 23:13:57.948 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-03 23:53:59.325 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-03 23:53:59.409 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 01:14:59.411 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 01:14:59.494 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 02:59:24.509 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 02:59:24.591 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 04:23:48.760 [60623] info client.cpp::sync Command received : event.policy.refresh
2025-12-04 04:23:48.865 [60623] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-04 04:23:48.865 [60623] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-04 04:23:49.877 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "36989f8a9db380346884707fc9966e80:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-04 04:23:49.877 [60623] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-04 04:23:49.877 [60623] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-04 04:23:50.013 [60623] info client.cpp::syncExclusions Updated exclusions: nebula-1764840229
2025-12-04 04:23:50.013 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764840229
2025-12-04 04:23:50.013 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-04 04:23:50.013 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-04 04:23:50.013 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-04 04:54:37.602 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 04:54:37.685 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 06:00:58.818 [60623] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-04 06:00:58.818 [60623] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-04 06:00:58.818 [60623] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-04 06:00:58.818 [60623] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-04 06:00:58.819 [60623] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-04 06:00:58.819 [60623] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-04 06:01:05.261 [60623] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-04 06:01:06.273 [60623] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-04 06:01:09.483 [60623] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 311864664064, \"freespace_total\": 311864664064, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 717637963776, \"freespace_total\": 717637963776, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4149469184, \"free_virtual\": 8393584640, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-04 06:01:09.486 [60623] info schedule_store.cpp::save Saved nebula schedules
2025-12-04 06:24:37.687 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 06:24:37.774 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 08:21:38.791 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 08:21:38.875 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 09:23:26.139 [60623] info client.cpp::callSync []
2025-12-04 09:23:26.243 [60623] info client.cpp::syncExclusions Updated exclusions: 428ac8407f54f58e0af03b9a8a8cec90
2025-12-04 09:23:26.243 [60623] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 428ac8407f54f58e0af03b9a8a8cec90
2025-12-04 09:23:26.243 [60623] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-04 09:23:26.245 [60623] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-04 09:23:26.245 [60623] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-04 09:23:26.248 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 09:23:26.333 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 11:04:15.345 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 11:04:15.426 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 12:28:52.439 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 12:28:52.528 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 14:21:23.541 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 14:21:23.626 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 16:15:41.827 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 16:15:41.910 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 17:17:47.910 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 17:17:47.993 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 18:18:59.995 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 18:19:00.132 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 19:58:00.342 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 19:58:00.425 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 20:54:23.613 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-04 20:54:23.823 [60621] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-04 20:54:23.823 [60621] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-04 20:54:24.144 [60621] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-04 20:54:24.207 [60621] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105443
2025-12-04 20:54:24.894 [60621] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105443
2025-12-04 20:54:24.894 [60621] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105443
2025-12-04 20:54:25.107 [60625] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-04 20:54:25.173 [60625] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-04 20:54:25.184 [60621] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-04 20:54:25.223 [60625] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-04 20:54:25.314 [60621] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-04 20:54:25.315 [60621] info sirius.cpp::downloadUpdates checking for new updates
2025-12-04 20:54:25.472 [60621] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-04 20:54:25.478 [60621] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-04 20:54:28.583 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "36989f8a9db380346884707fc9966e80:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-04 20:54:32.597 [60623] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "36989f8a9db380346884707fc9966e80:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-04 21:20:48.426 [60623] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 21:20:48.507 [60623] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 21:50:43.837 [60620] info telemetry_controller.cpp::processTelemetryData processing exiting
2025-12-04 21:50:47.197 [60624] info communicator.cpp::processor processing exited
2025-12-04 21:51:01.199 [60582] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2025-12-04 21:51:02.199 [60582] info mbdaemon.cpp::main Exiting Main - 0
2025-12-04 21:51:02.245 [198852] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.82 **************
2025-12-04 21:51:02.245 [198852] info mbdaemon.cpp::main logLevel is info
2025-12-04 21:51:02.245 [198852] info mbdaemon.cpp::main syslogLevel is warn
2025-12-04 21:51:02.245 [198852] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2025-12-04 21:51:02.245 [198852] info sirius.cpp::initialize Setting Sirius channel: release
2025-12-04 21:51:02.285 [198852] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-04 21:51:02.329 [198852] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2025-12-04 21:51:02.455 [198852] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-04 21:51:02.455 [198883] info telemetry_controller.cpp::processTelemetryData processing starting
2025-12-04 21:51:02.455 [198887] info communicator.cpp::processor processing starting
2025-12-04 21:51:02.455 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-04 21:51:02.455 [198888] info on_access.cpp::onAccessThread Protection setting is enabled, starting real-time protection
2025-12-04 21:51:02.606 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-04 21:51:02.606 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-04 21:51:02.817 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-04 21:51:02.870 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105445
2025-12-04 21:51:03.566 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105445
2025-12-04 21:51:03.566 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105445
2025-12-04 21:51:03.623 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-04 21:51:03.660 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-04 21:51:03.799 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-04 21:51:06.480 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-04 21:51:06.480 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-04 21:51:06.481 [198886] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2025-12-04 21:51:06.481 [198886] info sirius.cpp::downloadUpdates checking for new updates
2025-12-04 21:51:06.605 [198886] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-04 21:51:06.605 [198886] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2025-12-04 21:51:06.605 [198886] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2025-12-04 21:51:06.612 [198886] info schedule_store.cpp::load Loaded nebula schedules
2025-12-04 21:51:06.704 [198886] info client.cpp::callSync []
2025-12-04 21:51:07.711 [198886] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2025-12-04 21:51:07.711 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 21:51:07.795 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-04 23:04:56.286 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-04 23:04:56.389 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 00:32:15.401 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 00:32:15.502 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 01:46:57.503 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 01:46:57.584 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 03:34:57.763 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 03:34:57.862 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 04:42:27.861 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 04:42:27.955 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 05:43:41.601 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 05:43:42.835 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 06:00:59.957 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-05 06:00:59.957 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-05 06:00:59.957 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-05 06:00:59.957 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-05 06:00:59.958 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-05 06:00:59.959 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-05 06:01:05.506 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-05 06:01:06.569 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-05 06:01:09.154 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 308971560960, \"freespace_total\": 308971560960, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 717088362496, \"freespace_total\": 717088362496, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 414961664, \"free_virtual\": 8359505920, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-12-05 06:01:09.166 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-05 07:40:42.836 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 07:40:42.917 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 09:22:24.918 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 09:22:25.000 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 10:34:38.161 [198886] info client.cpp::callSync []
2025-12-05 10:34:39.173 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 10:34:39.258 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 12:34:21.259 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 12:34:21.355 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 13:41:51.357 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 13:41:51.440 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 15:16:21.782 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 15:16:21.864 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 16:40:57.866 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 16:40:57.968 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 17:47:33.969 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 17:47:34.059 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 18:05:31.218 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-05 18:05:31.349 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-05 18:05:31.349 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-05 18:05:32.675 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "84a8604e56a8b0c4519ab2524ab48369:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-05 18:05:32.675 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-05 18:05:32.676 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-05 18:05:32.823 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1764975932
2025-12-05 18:05:32.824 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1764975932
2025-12-05 18:05:32.824 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-05 18:05:32.826 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-05 18:05:32.827 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-05 19:31:58.061 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 19:31:58.163 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 21:19:58.165 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 21:19:58.247 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 21:51:08.587 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-05 21:51:08.789 [198884] info sirius.cpp::downloadUpdates updating package: mblinux.db.rules
2025-12-05 21:51:08.977 [198884] info sirius.cpp::backupEntry Backing up package: mblinux.db.rules
2025-12-05 21:51:08.983 [198884] info sirius.cpp::download updated mblinux.db.rules to version 2.0.202512051355
2025-12-05 21:51:08.983 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-05 21:51:09.250 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-05 21:51:09.284 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105469
2025-12-05 21:51:09.771 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105469
2025-12-05 21:51:09.771 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105469
2025-12-05 21:51:09.986 [198884] info sirius.cpp::installDownloaded installed mblinux.db.rules 2.0.202512051355
2025-12-05 21:51:09.986 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-05 21:51:10.012 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-05 21:51:10.026 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-05 21:51:10.069 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-05 21:51:10.132 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202511121903"}], "policy_etag": "84a8604e56a8b0c4519ab2524ab48369:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-05 21:51:10.146 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-05 21:51:10.147 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-05 21:51:10.275 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-05 21:51:10.276 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-05 21:51:14.145 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "84a8604e56a8b0c4519ab2524ab48369:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-05 21:51:18.155 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "84a8604e56a8b0c4519ab2524ab48369:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-05 22:28:22.402 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 22:28:22.484 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-05 23:36:46.493 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-05 23:36:46.576 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 00:37:04.577 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 00:37:04.680 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 01:01:58.787 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-06 01:08:35.475 [198886] info on_nebula.cpp::handle Scan complete, duration: 397
2025-12-06 01:08:35.481 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-06 01:08:35.483 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 01:08:35.601 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 02:55:41.800 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 02:55:41.881 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 04:07:41.882 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 04:07:42.015 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 05:44:13.425 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 05:44:18.120 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 06:00:59.257 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-06 06:00:59.257 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-06 06:00:59.257 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-06 06:00:59.257 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-06 06:00:59.258 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-06 06:00:59.258 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-06 06:01:05.899 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-06 06:01:06.911 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-06 06:01:10.149 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 306239356928, \"freespace_total\": 306239356928, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 716591697920, \"freespace_total\": 716591697920, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3463073792, \"free_virtual\": 8329883648, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-06 06:01:10.152 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-06 07:32:18.136 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 07:32:18.236 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 08:44:19.255 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 08:44:19.342 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 10:03:32.354 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 10:03:32.437 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 11:57:51.449 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 11:57:51.533 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 13:53:57.732 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 13:53:57.857 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 15:47:21.858 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 15:47:21.944 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 16:54:51.946 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 16:54:52.029 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 18:08:40.217 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 18:08:40.298 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 19:23:22.300 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 19:23:22.400 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 21:05:58.794 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 21:05:58.882 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-06 21:51:15.051 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-06 21:51:15.259 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-06 21:51:15.259 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-06 21:51:15.491 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-06 21:51:15.538 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105495
2025-12-06 21:51:16.042 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105495
2025-12-06 21:51:16.042 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105495
2025-12-06 21:51:16.064 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-06 21:51:16.105 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-06 21:51:16.146 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-06 21:51:16.249 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-06 21:51:16.307 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-06 21:51:16.307 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-06 21:51:16.434 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-06 21:51:16.435 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-06 21:51:18.719 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "84a8604e56a8b0c4519ab2524ab48369:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-06 21:51:21.732 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "84a8604e56a8b0c4519ab2524ab48369:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-06 22:35:04.881 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-06 22:35:04.964 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 00:04:10.966 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 00:04:11.047 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 01:01:59.704 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-07 01:08:10.016 [198886] info on_nebula.cpp::handle Scan complete, duration: 371
2025-12-07 01:08:10.018 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-07 01:08:10.019 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 01:08:10.143 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 02:19:16.144 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 02:19:16.248 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 03:24:58.250 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 03:24:58.387 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 05:21:58.601 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 05:21:58.703 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 06:01:00.786 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-07 06:01:00.786 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-07 06:01:00.786 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-07 06:01:00.786 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-07 06:01:00.787 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-07 06:01:00.787 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-07 06:01:07.231 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-07 06:01:08.247 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-07 06:01:11.483 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 301293637632, \"freespace_total\": 301293637632, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 716068327424, \"freespace_total\": 716068327424, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2949771264, \"free_virtual\": 8338272256, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-07 06:01:11.494 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-07 06:50:11.030 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 06:50:11.125 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 07:49:38.558 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-07 07:49:38.682 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-07 07:49:38.682 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-07 07:49:39.700 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "0537666bf91deff4778c75ea41d8ac34:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-07 07:49:39.701 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-07 07:49:39.701 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-07 07:49:39.842 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765111779
2025-12-07 07:49:39.842 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765111779
2025-12-07 07:49:39.842 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-07 07:49:39.855 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-07 07:49:39.855 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-07 08:29:12.136 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 08:29:12.225 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 08:43:49.345 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-07 08:43:49.473 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-07 08:43:49.473 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-07 08:43:50.828 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "0eb7ebd342b2778aaa3e0e76537b012a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:66", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-07 08:43:50.828 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-07 08:43:50.828 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-07 08:43:50.973 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765115030
2025-12-07 08:43:50.973 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765115030
2025-12-07 08:43:50.973 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-07 08:43:50.975 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-07 08:43:50.975 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-07 10:26:13.236 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 10:26:13.320 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 12:03:25.322 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 12:03:25.423 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 13:10:01.425 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 13:10:01.507 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 14:40:01.508 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 14:40:01.591 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 16:28:01.593 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 16:28:01.675 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 18:21:25.674 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 18:21:25.757 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 19:38:50.769 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 19:38:50.876 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 21:25:57.071 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 21:25:57.153 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-07 21:51:20.663 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-07 21:51:20.818 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-07 21:51:20.818 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-07 21:51:21.122 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-07 21:51:21.170 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105517
2025-12-07 21:51:21.650 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105517
2025-12-07 21:51:21.650 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105517
2025-12-07 21:51:21.669 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-07 21:51:21.747 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-07 21:51:21.752 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-07 21:51:21.795 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-07 21:51:21.881 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-07 21:51:21.882 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-07 21:51:22.030 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-07 21:51:22.032 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-07 22:42:28.166 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-07 22:42:28.269 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 00:32:17.282 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 00:32:17.364 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 01:02:00.379 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-08 01:08:31.108 [198886] info on_nebula.cpp::handle Scan complete, duration: 391
2025-12-08 01:08:31.110 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-08 01:08:31.111 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 01:08:31.235 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 02:23:13.236 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 02:23:13.339 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 03:49:38.351 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 03:49:38.452 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 05:04:20.466 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 05:04:20.548 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 06:01:00.153 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-08 06:01:00.154 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-08 06:01:00.154 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-08 06:01:00.154 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-08 06:01:00.155 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-08 06:01:00.155 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-08 06:01:03.781 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-08 06:01:04.819 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-08 06:01:08.354 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 315760852992, \"freespace_total\": 315760852992, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 715541606400, \"freespace_total\": 715541606400, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1501704192, \"free_virtual\": 8376913920, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-08 06:01:08.357 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-08 06:28:57.563 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 06:28:57.643 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 08:07:57.881 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 08:07:57.968 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 09:31:39.970 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 09:31:40.071 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 11:06:10.073 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 11:06:10.171 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 11:12:34.195 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 11:12:37.284 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 12:28:13.286 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 12:28:13.369 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 13:35:43.371 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 13:35:43.453 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 14:59:25.455 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 14:59:25.539 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 16:06:01.753 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 16:06:01.835 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 16:17:51.065 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 16:18:22.214 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 17:54:40.216 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 17:54:40.297 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 19:24:40.299 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 19:24:40.400 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 20:50:11.413 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 20:50:11.496 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 21:51:26.868 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-08 21:51:27.017 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-08 21:51:27.017 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-08 21:51:27.502 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-08 21:51:27.653 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105551
2025-12-08 21:51:28.242 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105551
2025-12-08 21:51:28.242 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105551
2025-12-08 21:51:28.444 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-08 21:51:28.493 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-08 21:51:28.497 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-08 21:51:28.548 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-08 21:51:28.630 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-08 21:51:28.630 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-08 21:51:28.754 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-08 21:51:28.763 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-08 21:57:41.332 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 21:57:41.414 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-08 23:14:11.785 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-08 23:14:11.868 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 00:19:53.869 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 00:19:53.951 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 01:01:58.093 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-09 01:08:35.946 [198886] info on_nebula.cpp::handle Scan complete, duration: 397
2025-12-09 01:08:35.949 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-09 01:08:35.950 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 01:08:36.044 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 02:27:48.045 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 02:27:48.135 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 03:56:55.148 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 03:56:55.247 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 05:22:25.249 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 05:22:25.348 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 06:01:00.762 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-09 06:01:00.762 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-09 06:01:00.762 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-09 06:01:00.762 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-09 06:01:00.763 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-09 06:01:00.763 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-09 06:01:06.359 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-09 06:01:07.373 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-09 06:01:10.596 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 313609330688, \"freespace_total\": 313609330688, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 710687080448, \"freespace_total\": 710687080448, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 379920384, \"free_virtual\": 8390701056, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-12-09 06:01:10.598 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-09 06:50:38.364 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 06:50:38.445 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 08:24:14.447 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 08:24:14.556 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 09:59:39.568 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 09:59:39.658 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 11:58:27.660 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 11:58:27.742 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 13:23:58.757 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 13:23:58.844 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 15:02:05.050 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 15:02:05.131 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 16:48:17.531 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 16:48:17.630 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 17:02:53.023 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 17:02:56.781 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 17:20:08.063 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 17:20:18.910 [198886] info web_socket.cpp::connectIfNeeded LibraryError at /src/nebula/web_socket.cpp:63 ()
2025-12-09 17:20:19.025 [198886] info client.cpp::callSync []
2025-12-09 17:20:20.148 [198886] info client.cpp::syncExclusions Updated exclusions: 1a10e94b3480329aa6317f4f1355c40a
2025-12-09 17:20:20.148 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 1a10e94b3480329aa6317f4f1355c40a
2025-12-09 17:20:20.148 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-09 17:20:20.152 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-09 17:20:20.152 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-09 17:20:40.222 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 17:20:40.323 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 18:47:58.324 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 18:47:58.407 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 19:50:04.408 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 19:50:04.490 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 21:47:05.502 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 21:47:05.586 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-09 21:51:32.950 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-09 21:51:33.128 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-09 21:51:33.128 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-09 21:51:33.320 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-09 21:51:33.513 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105569
2025-12-09 21:51:34.110 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105569
2025-12-09 21:51:34.110 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105569
2025-12-09 21:51:34.127 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-09 21:51:34.168 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-09 21:51:34.211 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-09 21:51:34.225 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-09 21:51:34.388 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-09 21:51:34.388 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-09 21:51:34.517 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-09 21:51:34.519 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-09 23:21:35.589 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-09 23:21:35.671 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 01:02:00.814 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-10 01:08:22.155 [198886] info on_nebula.cpp::handle Scan complete, duration: 382
2025-12-10 01:08:22.156 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-10 01:08:22.157 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 01:08:22.260 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 02:53:40.261 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 02:53:40.344 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 04:29:58.563 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 04:29:58.649 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 05:09:18.660 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-10 05:09:18.790 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-10 05:09:18.790 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-10 05:09:19.806 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4515d851c9c314ebe6b9f766e12b229a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-10 05:09:19.806 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-10 05:09:19.806 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-10 05:09:19.959 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765361359
2025-12-10 05:09:19.959 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765361359
2025-12-10 05:09:19.959 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-10 05:09:19.960 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-10 05:09:19.960 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-10 06:01:00.724 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-10 06:01:00.724 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-10 06:01:00.724 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-10 06:01:00.724 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-10 06:01:00.725 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-10 06:01:00.725 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-10 06:01:06.790 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-10 06:01:07.804 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-10 06:01:11.033 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 311146217472, \"freespace_total\": 311146217472, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 710132006912, \"freespace_total\": 710132006912, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 623800320, \"free_virtual\": 8379691008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-12-10 06:01:11.036 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-10 06:16:11.663 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 06:16:11.744 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 07:17:23.745 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 07:17:23.831 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 08:35:41.832 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 08:35:41.932 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 10:03:54.153 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 10:03:54.234 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 12:02:42.235 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 12:02:42.338 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 12:04:31.763 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-10 12:04:31.864 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-10 12:04:31.864 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-10 12:04:32.877 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4491dd63dddb4a506cdc26d7f634fedb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-10 12:04:32.878 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-10 12:04:32.878 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-10 12:04:33.006 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765386272
2025-12-10 12:04:33.006 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765386272
2025-12-10 12:04:33.006 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-10 12:04:33.007 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-10 12:04:33.007 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-10 13:30:54.340 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 13:30:54.443 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 14:35:43.461 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 14:35:43.555 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 14:45:31.719 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4491dd63dddb4a506cdc26d7f634fedb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": ""}
2025-12-10 14:45:35.733 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4491dd63dddb4a506cdc26d7f634fedb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-10 16:34:31.557 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 16:34:31.640 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 17:42:01.641 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 17:42:01.736 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 17:56:18.879 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-10 17:56:19.001 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-10 17:56:19.001 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-10 17:56:20.016 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ebbce828e377bd1a1feb90622332a2c1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-10 17:56:20.017 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-10 17:56:20.017 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-10 17:56:20.158 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765407380
2025-12-10 17:56:20.158 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765407380
2025-12-10 17:56:20.158 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-10 17:56:20.158 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-10 17:56:20.158 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-10 19:35:26.756 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 19:35:26.840 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 21:00:02.841 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 21:00:02.921 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-10 21:51:39.103 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-10 21:51:39.313 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-10 21:51:39.313 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-10 21:51:39.642 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-10 21:51:39.967 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105597
2025-12-10 21:51:40.482 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105597
2025-12-10 21:51:40.482 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105597
2025-12-10 21:51:40.574 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ebbce828e377bd1a1feb90622332a2c1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-10 21:51:40.586 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-10 21:51:40.691 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-10 21:51:40.696 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-10 21:51:40.738 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-10 21:51:40.819 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-10 21:51:40.819 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-10 21:51:40.976 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-10 21:51:40.977 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-10 21:51:44.711 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ebbce828e377bd1a1feb90622332a2c1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-10 22:31:50.920 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-10 22:31:51.012 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 00:17:09.014 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 00:17:09.096 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 01:02:00.258 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-11 01:08:00.881 [198886] info on_nebula.cpp::handle Scan complete, duration: 360
2025-12-11 01:08:00.884 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-11 01:08:00.886 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 01:08:01.011 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 02:04:56.067 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-11 02:04:56.196 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-11 02:04:56.196 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-11 02:04:56.212 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3d2bf9f0fcc77f6173f3ef64c15edfd6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-11 02:04:56.212 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-11 02:04:56.212 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-11 02:04:56.348 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765436696
2025-12-11 02:04:56.348 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765436696
2025-12-11 02:04:56.348 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-11 02:04:56.349 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-11 02:04:56.349 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-11 03:01:25.240 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 03:01:25.323 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 04:16:07.325 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 04:16:07.406 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 05:34:26.422 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 05:34:27.275 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 06:01:00.786 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-11 06:01:00.787 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-11 06:01:00.787 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-11 06:01:00.787 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-11 06:01:00.787 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-11 06:01:00.788 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-11 06:01:07.233 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-11 06:01:08.246 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-11 06:01:11.439 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 310800293888, \"freespace_total\": 310800293888, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 709618909184, \"freespace_total\": 709618909184, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 723238912, \"free_virtual\": 8390438912, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-12-11 06:01:11.441 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-11 07:28:46.291 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 07:28:46.373 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 09:22:10.583 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 09:22:10.698 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 10:25:10.700 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 10:25:10.782 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 11:44:22.784 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 11:44:22.866 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 12:49:11.069 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 12:49:11.153 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 14:27:18.168 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 14:27:18.262 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 16:01:48.263 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 16:01:48.346 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 17:49:48.546 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 17:49:48.638 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 19:00:54.640 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 19:00:54.724 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 20:45:19.741 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 20:45:19.847 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-11 21:51:45.681 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-11 21:51:45.862 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-11 21:51:45.862 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-11 21:51:46.198 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-11 21:51:46.560 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105627
2025-12-11 21:51:47.079 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105627
2025-12-11 21:51:47.079 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105627
2025-12-11 21:51:47.259 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-11 21:51:47.301 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-11 21:51:47.339 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-11 21:51:47.406 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-11 21:51:47.460 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-11 21:51:47.460 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-11 21:51:47.591 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-11 21:51:47.594 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-11 21:51:49.916 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3d2bf9f0fcc77f6173f3ef64c15edfd6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-11 21:51:53.928 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3d2bf9f0fcc77f6173f3ef64c15edfd6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-11 22:37:49.850 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-11 22:37:49.950 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 00:28:31.950 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 00:28:32.058 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 01:01:58.091 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-12 01:08:21.534 [198886] info on_nebula.cpp::handle Scan complete, duration: 383
2025-12-12 01:08:21.536 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-12 01:08:21.537 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 01:08:21.631 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 02:54:34.643 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 02:54:34.724 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 04:14:41.738 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 04:14:41.822 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 05:23:05.823 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 05:23:05.905 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 06:00:58.136 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-12 06:00:58.136 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-12 06:00:58.136 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-12 06:00:58.136 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-12 06:00:58.137 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-12 06:00:58.137 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-12 06:01:04.614 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-12 06:01:05.109 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-12 06:01:08.365 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 309026222080, \"freespace_total\": 309026222080, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 709122936832, \"freespace_total\": 709122936832, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3198889984, \"free_virtual\": 8358195200, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}
2025-12-12 06:01:08.367 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-12 06:55:47.905 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 06:55:47.987 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 08:43:47.990 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 08:43:48.095 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 10:13:48.097 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 10:13:48.199 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 11:33:00.200 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 11:33:00.284 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 12:35:32.976 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-12 12:35:33.079 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-12 12:35:33.079 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-12 12:35:34.092 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "abbdc414452c3f7d6b819e294cfa82dc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-12 12:35:34.093 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-12 12:35:34.093 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-12 12:35:34.221 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765560934
2025-12-12 12:35:34.221 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765560934
2025-12-12 12:35:34.221 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-12 12:35:34.223 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-12 12:35:34.223 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-12 12:57:36.285 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 12:57:36.366 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 14:33:01.378 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 14:33:01.460 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 16:06:37.461 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 16:06:37.542 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 16:56:33.622 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-12 16:56:33.753 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-12 16:56:33.753 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-12 16:56:34.352 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "694bb2859cd0c92bf6d792973c6e4c0f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-12 16:56:34.352 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-12 16:56:34.352 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-12 16:56:34.950 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765576594
2025-12-12 16:56:34.950 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765576594
2025-12-12 16:56:34.950 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-12 16:56:34.951 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-12 16:56:34.951 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-12 17:26:43.543 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 17:26:43.645 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 19:21:01.662 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 19:21:01.746 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 20:51:01.747 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 20:51:01.842 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-12 21:51:52.041 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-12 21:51:52.253 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-12 21:51:52.253 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-12 21:51:52.597 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-12 21:51:52.784 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105641
2025-12-12 21:51:53.388 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105641
2025-12-12 21:51:53.388 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105641
2025-12-12 21:51:53.610 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-12 21:51:53.651 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-12 21:51:53.683 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-12 21:51:53.720 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-12 21:51:53.853 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-12 21:51:53.853 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-12 21:51:53.995 [198884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-12 21:51:53.997 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-12 21:51:55.628 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "694bb2859cd0c92bf6d792973c6e4c0f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-12 21:51:59.642 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "694bb2859cd0c92bf6d792973c6e4c0f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-12 22:32:43.847 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-12 22:32:43.946 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 00:13:31.944 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 00:13:32.043 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 01:01:58.201 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-13 01:08:41.038 [198886] info on_nebula.cpp::handle Scan complete, duration: 403
2025-12-13 01:08:41.040 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-13 01:08:41.042 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 01:08:41.176 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 02:37:47.176 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 02:37:47.259 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 04:09:35.259 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 04:09:35.354 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 05:17:06.367 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 05:17:06.471 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 06:01:01.088 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-13 06:01:01.192 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-13 06:01:01.720 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-13 06:01:01.720 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-13 06:01:01.721 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-13 06:01:01.769 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-13 06:01:08.347 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-13 06:01:09.427 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-13 06:01:12.933 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 305883492352, \"freespace_total\": 305883492352, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 708638162944, \"freespace_total\": 708638162944, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 562573312, \"free_virtual\": 8332754944, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-12-13 06:01:12.935 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-13 06:11:07.693 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-13 06:11:07.805 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-13 06:11:07.805 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-13 06:11:08.817 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3265372c208c186ec35e5710a7631058:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-13 06:11:08.817 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-13 06:11:08.818 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-13 06:11:08.938 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765624268
2025-12-13 06:11:08.938 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765624268
2025-12-13 06:11:08.938 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-13 06:11:08.940 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-13 06:11:08.940 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-13 06:58:48.473 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 06:58:48.569 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 08:45:01.586 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 08:45:01.685 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 10:22:13.685 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 10:22:13.766 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 12:03:55.766 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 12:03:55.848 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 14:00:02.058 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 14:00:02.188 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 15:27:20.188 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 15:27:20.274 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 16:51:03.286 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 16:51:03.388 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 18:01:15.389 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 18:01:15.471 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 19:51:04.486 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 19:51:04.569 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 20:51:23.584 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 20:51:23.667 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 21:51:58.556 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-13 21:51:58.775 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-13 21:51:58.775 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-13 21:51:59.007 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-13 21:51:59.056 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105645
2025-12-13 21:51:59.600 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105645
2025-12-13 21:51:59.600 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105645
2025-12-13 21:51:59.606 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-13 21:51:59.667 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-13 21:51:59.676 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-13 21:51:59.750 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-13 21:51:59.891 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-13 21:51:59.892 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-13 21:52:00.045 [198884] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.edr
2025-12-13 21:52:00.207 [198884] info sirius.cpp::backupEntry Backing up package: epa.linux.plugin.edr
2025-12-13 21:52:00.236 [198884] info sirius.cpp::download updated epa.linux.plugin.edr to version 1.0.112
2025-12-13 21:52:00.316 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-13 21:52:02.305 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3265372c208c186ec35e5710a7631058:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-13 21:52:06.319 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3265372c208c186ec35e5710a7631058:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-13 21:54:24.239 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 21:54:24.353 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-13 23:14:31.813 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-13 23:14:31.895 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 00:32:49.897 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 00:32:49.978 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 01:02:00.086 [198886] info on_nebula.cpp::handle Performing threat scan
2025-12-14 01:08:37.308 [198886] info on_nebula.cpp::handle Scan complete, duration: 397
2025-12-14 01:08:37.310 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-14 01:08:37.311 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 01:08:37.446 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 02:35:55.448 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 02:35:55.537 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 04:25:43.754 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 04:25:43.839 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 06:16:25.840 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 06:16:25.923 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 06:40:05.114 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-14 06:40:05.221 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-14 06:40:05.221 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-14 06:40:06.234 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "fd15adb84030ddb4bf051496b9d396f0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-14 06:40:06.235 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-14 06:40:06.235 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-14 06:40:06.353 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765712406
2025-12-14 06:40:06.353 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765712406
2025-12-14 06:40:06.353 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-14 06:40:06.355 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-14 06:40:06.355 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-14 07:30:13.925 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 07:30:14.007 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 08:30:32.383 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 08:30:32.465 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 10:25:44.467 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 10:25:44.566 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 11:52:08.567 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 11:52:08.668 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 13:04:08.669 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 13:04:08.761 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 14:38:39.778 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 14:38:39.876 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 16:05:57.877 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 16:05:57.978 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 17:51:16.183 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 17:51:16.278 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 19:45:34.280 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 19:45:34.522 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 21:05:40.526 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 21:05:40.610 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-14 21:52:04.566 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-14 21:52:04.758 [198884] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-14 21:52:04.758 [198884] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-14 21:52:04.978 [198884] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-14 21:52:05.165 [198884] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105651
2025-12-14 21:52:06.180 [198884] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105651
2025-12-14 21:52:06.180 [198884] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105651
2025-12-14 21:52:06.416 [198888] info on_access.cpp::onAccessThread Restarting real-time protection
2025-12-14 21:52:06.426 [198884] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-14 21:52:06.448 [198888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-14 21:52:06.491 [198888] info on_access.cpp::onAccessThread Real-time protection database was updated
2025-12-14 21:52:06.567 [198884] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-14 21:52:06.568 [198884] info sirius.cpp::downloadUpdates checking for new updates
2025-12-14 21:52:06.692 [198884] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.edr
2025-12-14 21:52:06.900 [198884] info sirius.cpp::download updated epa.linux.plugin.edr to version 1.0.109
2025-12-14 21:52:07.009 [198884] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-14 21:52:08.970 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "fd15adb84030ddb4bf051496b9d396f0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-14 21:52:16.998 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "fd15adb84030ddb4bf051496b9d396f0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-14 22:46:28.610 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-14 22:46:28.693 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 00:12:52.690 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 00:12:52.775 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 01:17:12.735 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-15 01:17:12.861 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-15 01:17:12.861 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-15 01:17:13.872 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "fdcbb997a929f6c9ef10e12bd7156163:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-15 01:17:13.872 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-15 01:17:13.872 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-15 01:17:13.986 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765779433
2025-12-15 01:17:13.986 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765779433
2025-12-15 01:17:13.986 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-15 01:17:13.987 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-15 01:17:13.987 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-15 02:08:05.791 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 02:08:05.874 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 03:22:47.875 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 03:22:47.968 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 04:41:05.971 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 04:41:06.068 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 06:00:58.675 [198886] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-15 06:00:58.676 [198886] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-15 06:00:58.676 [198886] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-15 06:00:58.676 [198886] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-15 06:00:58.677 [198886] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-15 06:00:58.677 [198886] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-15 06:01:05.149 [198886] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-15 06:01:06.739 [198886] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-15 06:01:13.618 [198886] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"freespace_available\": 318187642880, \"freespace_total\": 318187642880, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"freespace_available\": 706883608576, \"freespace_total\": 706883608576, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.82\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 641196032, \"free_virtual\": 8364212224, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [{\"description\": \"em1\", \"ips\": [\"67.227.174.105\"], \"mac_address\": \"3cecef7617b8\"}]
2025-12-15 06:01:15.577 [198886] info schedule_store.cpp::save Saved nebula schedules
2025-12-15 06:39:54.079 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 06:39:54.181 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 07:53:49.766 [198886] info client.cpp::sync Command received : event.policy.refresh
2025-12-15 07:53:49.865 [198886] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-15 07:53:49.865 [198886] info client.cpp::processPolicy Policy settings: {"rtp_settings": {"malware": {"enabled": true}}, "scan_on_install": true, "scan_on_install_delay_from": 5, "scan_on_install_delay_to": 30}
2025-12-15 07:53:50.877 [198886] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.82", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.82", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4fecf644ac4addcc1a6cfdd53d053875:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-15 07:53:50.878 [198886] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-15 07:53:50.878 [198886] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-15 07:53:51.025 [198886] info client.cpp::syncExclusions Updated exclusions: nebula-1765803230
2025-12-15 07:53:51.026 [198886] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765803230
2025-12-15 07:53:51.026 [198886] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-15 07:53:51.026 [198886] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-15 07:53:51.026 [198886] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-15 08:26:06.179 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 08:26:06.259 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 09:51:36.261 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 09:51:36.364 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 11:10:48.381 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 11:10:48.468 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 13:11:24.469 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 13:11:24.576 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 13:38:39.742 [198886] info client.cpp::registerRefresh nebula client refresh success
2025-12-15 13:38:39.744 [198886] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2025-12-15 13:38:39.767 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 13:38:39.851 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 14:41:39.852 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 14:41:39.945 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 16:09:51.948 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 16:09:52.049 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 17:53:23.060 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 17:53:23.144 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 19:43:11.145 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 19:43:11.244 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 20:59:42.258 [198886] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 20:59:42.343 [198886] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 21:50:23.584 [198883] info telemetry_controller.cpp::processTelemetryData processing exiting
2025-12-15 21:50:24.898 [198887] info communicator.cpp::processor processing exited
2025-12-15 21:50:40.585 [198852] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2025-12-15 21:50:41.587 [198852] info mbdaemon.cpp::main Exiting Main - 0
2025-12-15 21:50:41.628 [36982] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2025-12-15 21:50:41.628 [36982] info mbdaemon.cpp::main logLevel is info
2025-12-15 21:50:41.628 [36982] info mbdaemon.cpp::main syslogLevel is warn
2025-12-15 21:50:41.628 [36982] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2025-12-15 21:50:41.628 [36982] info sirius.cpp::initialize Setting Sirius channel: release
2025-12-15 21:50:41.674 [36982] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2025-12-15 21:50:41.721 [36982] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2025-12-15 21:50:41.851 [36982] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-15 21:50:41.851 [37000] info telemetry_controller.cpp::processTelemetryData processing starting
2025-12-15 21:50:41.851 [37004] info communicator.cpp::processor processing starting
2025-12-15 21:50:41.853 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-15 21:50:48.116 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-15 21:50:48.116 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-15 21:50:48.116 [37001] info on_timer.cpp::update No agent updates available
2025-12-15 21:50:48.116 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-15 21:50:48.117 [37003] info client.cpp::initialize Upgrade detected from mblinux/1.1.82 to mblinux/1.1.84
2025-12-15 21:50:48.117 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-15 21:50:48.117 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-15 21:50:48.117 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-15 21:50:48.117 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-15 21:50:48.225 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-15 21:50:48.225 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-15 21:50:48.735 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-15 21:50:48.785 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105673
2025-12-15 21:50:49.293 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105673
2025-12-15 21:50:49.293 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105673
2025-12-15 21:50:49.312 [37003] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2025-12-15 21:50:49.312 [37003] info sirius.cpp::downloadUpdates checking for new updates
2025-12-15 21:50:49.360 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-15 21:50:49.431 [37003] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.edr
2025-12-15 21:50:49.494 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-15 21:50:49.900 [37003] info sirius.cpp::download updated epa.linux.plugin.edr to version 1.0.109
2025-12-15 21:50:49.901 [37003] info sirius.cpp::unpack Extracting epa.linux.plugin.edr to /usr/share/mblinux/plugins/epa.linux.plugin.edr/
2025-12-15 21:50:50.903 [37003] info sirius.cpp::unpack Unpacked epa.linux.plugin.edr 1.0.109
2025-12-15 21:50:50.903 [37003] info sirius.cpp::installDownloaded installed epa.linux.plugin.edr 1.0.109
2025-12-15 21:50:50.912 [37003] info schedule_store.cpp::load Loaded nebula schedules
2025-12-15 21:50:51.041 [37003] info client.cpp::callSync []
2025-12-15 21:50:52.048 [37003] info client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2025-12-15 21:50:52.048 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-15 21:50:52.048 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-15 21:50:52.048 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-15 21:50:52.048 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-15 21:50:52.048 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-15 21:51:01.129 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-15 21:51:02.138 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-15 21:51:09.517 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 315831525376, \"freespace_total\": 315831525376, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 706571624448, \"freespace_total\": 706571624448, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3603316736, \"free_virtual\": 8367882240, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-15 21:51:09.541 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4fecf644ac4addcc1a6cfdd53d053875:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-15 21:51:09.697 [37003] info client.cpp::syncExclusions Updated exclusions: 58a0387d6e9751b301915c5416d606ce
2025-12-15 21:51:09.707 [37003] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2025-12-15 21:51:09.707 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 21:51:09.789 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-15 21:51:12.798 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4fecf644ac4addcc1a6cfdd53d053875:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-15 21:51:12.798 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 58a0387d6e9751b301915c5416d606ce
2025-12-15 21:51:12.798 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-15 21:51:12.799 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-15 21:51:12.799 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-15 23:43:40.570 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-15 23:43:40.651 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 00:43:58.652 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 00:43:58.735 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 02:20:16.738 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 02:20:16.847 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 04:19:58.849 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 04:19:58.931 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 06:01:05.142 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-16 06:01:05.143 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-16 06:01:05.143 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-16 06:01:05.143 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-16 06:01:05.144 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-16 06:01:05.144 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-16 06:01:15.994 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-16 06:01:17.004 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-16 06:01:24.372 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 314984517632, \"freespace_total\": 314984517632, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 706392698880, \"freespace_total\": 706392698880, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1229103104, \"free_virtual\": 8360542208, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-16 06:01:24.445 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-16 06:14:16.933 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 06:14:17.040 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 07:20:54.049 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 07:20:54.131 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 09:12:30.133 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 09:12:30.226 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 10:38:54.227 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 10:38:54.326 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 12:16:06.327 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 12:16:06.435 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 14:16:42.602 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 14:16:42.704 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 15:26:54.706 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 15:26:54.810 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 16:32:36.811 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 16:32:36.895 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 17:42:48.897 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 17:42:48.997 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 18:49:25.157 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 18:49:25.259 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 20:30:14.270 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 20:30:14.353 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 21:50:55.627 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-16 21:50:57.185 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4fecf644ac4addcc1a6cfdd53d053875:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-16 21:51:00.969 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-16 21:51:00.969 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-16 21:51:00.970 [37001] info on_timer.cpp::update No agent updates available
2025-12-16 21:51:00.970 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-16 21:51:01.113 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-16 21:51:01.113 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-16 21:51:01.199 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4fecf644ac4addcc1a6cfdd53d053875:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-16 21:51:01.528 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-16 21:51:01.581 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105703
2025-12-16 21:51:02.107 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105703
2025-12-16 21:51:02.107 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105703
2025-12-16 21:51:02.162 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-16 21:51:02.317 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-16 21:51:02.317 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-16 21:51:02.446 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-16 21:51:02.447 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-16 22:02:56.359 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 22:02:56.442 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 23:12:14.441 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-16 23:12:14.523 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-16 23:22:50.549 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-16 23:22:50.692 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-16 23:22:50.692 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-16 23:22:50.692 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-16 23:22:50.692 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-16 23:22:50.692 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-16 23:22:51.701 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5497b7e90408c728b786f52803937703:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-16 23:22:51.702 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-16 23:22:51.702 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-16 23:22:51.814 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1765945371
2025-12-16 23:22:51.814 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765945371
2025-12-16 23:22:51.814 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-16 23:22:51.816 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-16 23:22:51.816 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-17 01:02:00.690 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-17 01:08:04.666 [37003] info on_nebula.cpp::handle Scan complete, duration: 364
2025-12-17 01:08:04.668 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-17 01:08:04.670 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 01:08:04.807 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 02:28:10.801 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 02:28:10.886 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 04:05:22.087 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-17 04:05:22.197 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-17 04:05:22.197 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-17 04:05:22.197 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-17 04:05:22.197 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-17 04:05:22.197 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-17 04:05:22.210 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d45dd35a20704e3f5c0efff7dc1c7e2b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-17 04:05:22.210 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-17 04:05:22.210 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-17 04:05:22.363 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1765962322
2025-12-17 04:05:22.363 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765962322
2025-12-17 04:05:22.363 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-17 04:05:22.364 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-17 04:05:22.365 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-17 04:15:17.352 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 04:15:17.433 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 05:34:29.434 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 05:34:33.459 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 06:01:10.362 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-17 06:01:10.368 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-17 06:01:10.381 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-17 06:01:10.381 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-17 06:01:10.382 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-17 06:01:10.389 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-17 06:01:17.505 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-17 06:01:18.565 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-17 06:01:29.030 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 312282636288, \"freespace_total\": 312282636288, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 705909043200, \"freespace_total\": 705909043200, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1355235328, \"free_virtual\": 8369659904, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-17 06:01:29.138 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-17 07:07:15.460 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 07:07:15.558 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 08:37:15.561 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 08:37:15.644 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 10:02:46.657 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 10:02:46.742 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 11:12:58.743 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 11:12:58.833 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 12:08:31.382 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-17 12:08:31.527 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-17 12:08:31.527 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-17 12:08:31.527 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-17 12:08:31.527 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-17 12:08:31.527 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-17 12:08:32.543 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "2d0a8c70a8e25255ec61ee13f82a82b8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-17 12:08:32.544 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-17 12:08:32.544 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-17 12:08:32.701 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1765991312
2025-12-17 12:08:32.701 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1765991312
2025-12-17 12:08:32.701 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-17 12:08:32.702 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-17 12:08:32.702 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-17 12:47:28.834 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 12:47:28.915 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 13:54:04.916 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 13:54:05.012 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 15:40:18.019 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 15:40:18.102 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 17:18:24.109 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 17:18:24.191 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 18:50:12.190 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 18:50:12.271 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 19:58:36.272 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 19:58:36.376 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 21:04:18.377 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 21:04:18.479 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-17 21:51:07.071 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-17 21:51:12.435 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-17 21:51:12.436 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-17 21:51:12.436 [37001] info on_timer.cpp::update No agent updates available
2025-12-17 21:51:12.436 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-17 21:51:12.563 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-17 21:51:12.563 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-17 21:51:12.867 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-17 21:51:13.035 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105735
2025-12-17 21:51:13.798 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105735
2025-12-17 21:51:13.798 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105735
2025-12-17 21:51:14.126 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-17 21:51:14.262 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-17 21:51:14.262 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-17 21:51:14.404 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-17 21:51:14.405 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-17 22:39:42.707 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-17 22:39:42.790 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 00:00:42.778 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 00:00:42.860 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 01:01:58.879 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-18 01:08:10.551 [37003] info on_nebula.cpp::handle Scan complete, duration: 372
2025-12-18 01:08:10.553 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-18 01:08:10.554 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 01:08:10.675 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 02:12:58.678 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 02:12:58.772 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 03:14:10.773 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 03:14:10.855 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 04:37:53.249 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 04:37:53.332 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 06:23:11.333 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 06:23:11.415 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 08:02:11.417 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 08:02:11.519 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 09:01:16.019 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-18 09:01:16.147 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-18 09:01:16.147 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-18 09:01:16.147 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-18 09:01:16.147 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-18 09:01:16.147 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-18 09:01:17.163 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "677f409cb482e95a8855c0740f0d6cc0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-18 09:01:17.164 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-18 09:01:17.165 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-18 09:01:17.274 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766066477
2025-12-18 09:01:17.274 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766066477
2025-12-18 09:01:17.275 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-18 09:01:17.276 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-18 09:01:17.276 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-18 09:13:17.520 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 09:13:17.604 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 10:21:41.608 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 10:21:41.728 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 11:22:54.740 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 11:22:54.841 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 13:10:00.844 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 13:10:00.929 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 14:49:00.928 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 14:49:01.010 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 16:40:48.703 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-18 16:40:48.811 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-18 16:40:48.811 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-18 16:40:48.811 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-18 16:40:48.812 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-18 16:40:48.812 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-18 16:40:48.830 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3015315d1b32f6ab6523502d10c11111:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-18 16:40:48.830 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-18 16:40:48.830 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-18 16:40:48.994 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766094048
2025-12-18 16:40:48.994 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766094048
2025-12-18 16:40:48.994 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-18 16:40:48.995 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-18 16:40:48.995 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-18 16:47:50.027 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 16:47:50.117 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 18:12:26.119 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 18:12:26.239 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 19:42:26.239 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 19:42:26.320 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 21:08:50.333 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 21:08:50.435 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-18 21:51:18.659 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-18 21:51:24.021 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-18 21:51:24.484 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-18 21:51:24.484 [37001] info on_timer.cpp::update No agent updates available
2025-12-18 21:51:24.484 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-18 21:51:24.657 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-18 21:51:25.090 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-18 21:51:25.335 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-18 21:51:25.390 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105759
2025-12-18 21:51:25.986 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105759
2025-12-18 21:51:25.986 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105759
2025-12-18 21:51:26.075 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-18 21:51:26.234 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-18 21:51:26.234 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-18 21:51:26.383 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-18 21:51:26.384 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-18 22:50:38.116 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-18 22:50:38.281 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-18 22:50:38.281 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-18 22:50:38.281 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-18 22:50:38.281 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-18 22:50:38.281 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-18 22:50:39.295 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3a74a299f8abfba7e4d54259206478e5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-18 22:50:39.295 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-18 22:50:39.295 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-18 22:50:39.428 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766116239
2025-12-18 22:50:39.428 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766116239
2025-12-18 22:50:39.428 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-18 22:50:39.429 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-18 22:50:39.429 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-18 23:04:57.455 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-18 23:04:57.539 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 00:55:39.541 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 00:55:39.643 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 02:54:27.644 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 02:54:27.748 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 03:23:39.626 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-19 03:23:39.756 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-19 03:23:39.756 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-19 03:23:39.756 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-19 03:23:39.756 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-19 03:23:39.756 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-19 03:23:39.945 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "47cf3d2cacaba8675b76b12ed170a610:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 03:23:39.945 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-19 03:23:39.945 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-19 03:23:40.109 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766132619
2025-12-19 03:23:40.109 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766132619
2025-12-19 03:23:40.109 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-19 03:23:40.109 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-19 03:23:40.110 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-19 04:28:57.747 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-19 04:28:57.871 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-19 04:28:57.871 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-19 04:28:57.871 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-19 04:28:57.871 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-19 04:28:57.871 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-19 04:28:58.898 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e0ff368ab725d444a19b9db1c096f495:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 04:28:58.898 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-19 04:28:58.898 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-19 04:28:59.073 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766136538
2025-12-19 04:28:59.073 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766136538
2025-12-19 04:28:59.073 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-19 04:28:59.074 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-19 04:28:59.074 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-19 04:44:15.749 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 04:44:15.833 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 06:25:03.836 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 06:25:03.921 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 07:30:45.922 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 07:30:46.003 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 09:24:10.006 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 09:24:10.088 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 11:23:52.092 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 11:23:52.188 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 12:24:11.911 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-19 12:24:12.026 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-19 12:24:12.026 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-19 12:24:12.027 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-19 12:24:12.027 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-19 12:24:12.027 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-19 12:24:13.040 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ba7bafb46314f313f78e1696dbaf15ff:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 12:24:13.041 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-19 12:24:13.042 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-19 12:24:13.141 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766165053
2025-12-19 12:24:13.141 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766165053
2025-12-19 12:24:13.141 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-19 12:24:13.143 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-19 12:24:13.143 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-19 12:53:52.205 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 12:53:52.300 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 14:36:28.300 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 14:36:28.381 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 15:13:59.237 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-19 15:13:59.344 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-19 15:13:59.344 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-19 15:13:59.344 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-19 15:13:59.344 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-19 15:13:59.344 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-19 15:14:00.362 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "886d04f6a68c8802d837ef1041272bec:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 15:14:00.363 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-19 15:14:00.363 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-19 15:14:00.523 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766175240
2025-12-19 15:14:00.523 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766175240
2025-12-19 15:14:00.523 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-19 15:14:00.524 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-19 15:14:00.524 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-19 16:08:16.383 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 16:08:16.474 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 16:22:39.690 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-19 16:22:39.790 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-19 16:22:39.790 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-19 16:22:39.790 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-19 16:22:39.790 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-19 16:22:39.790 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-19 16:22:40.803 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "fbaffd6cdaea43593000510bed2e4329:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 16:22:40.804 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-19 16:22:40.804 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-19 16:22:40.909 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766179360
2025-12-19 16:22:40.909 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766179360
2025-12-19 16:22:40.909 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-19 16:22:40.910 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-19 16:22:40.910 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-19 16:50:14.109 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-19 16:50:14.228 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-19 16:50:14.228 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-19 16:50:14.228 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-19 16:50:14.228 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-19 16:50:14.228 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-19 16:50:15.243 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da7fe0fb086a578eaf594ba54ec71bef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 16:50:15.243 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-19 16:50:15.243 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-19 16:50:15.353 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766181015
2025-12-19 16:50:15.353 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766181015
2025-12-19 16:50:15.353 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-19 16:50:15.354 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-19 16:50:15.354 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-19 17:09:28.475 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 17:09:28.578 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 18:55:41.598 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 18:55:41.679 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 20:23:53.680 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 20:23:53.762 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 21:51:30.698 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-19 21:51:35.163 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da7fe0fb086a578eaf594ba54ec71bef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 21:51:37.038 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-19 21:51:37.038 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-19 21:51:37.038 [37001] info on_timer.cpp::update No agent updates available
2025-12-19 21:51:37.038 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-19 21:51:37.193 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-19 21:51:37.193 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-19 21:51:37.841 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-19 21:51:38.060 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105785
2025-12-19 21:51:38.866 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105785
2025-12-19 21:51:38.866 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105785
2025-12-19 21:51:39.080 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-19 21:51:39.180 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.109", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da7fe0fb086a578eaf594ba54ec71bef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 21:51:39.293 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-19 21:51:39.293 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-19 21:51:39.443 [37001] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.edr
2025-12-19 21:51:39.872 [37001] info sirius.cpp::backupEntry Backing up package: epa.linux.plugin.edr
2025-12-19 21:51:39.919 [37001] info sirius.cpp::download updated epa.linux.plugin.edr to version 1.0.112
2025-12-19 21:51:39.920 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-19 21:51:43.197 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da7fe0fb086a578eaf594ba54ec71bef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 21:51:49.262 [36984] info sirius.cpp::unpack Extracting epa.linux.plugin.edr to /usr/share/mblinux/plugins/epa.linux.plugin.edr/
2025-12-19 21:51:50.266 [36984] info sirius.cpp::unpack Unpacked epa.linux.plugin.edr 1.0.112
2025-12-19 21:51:50.267 [36984] info sirius.cpp::installDownloaded installed epa.linux.plugin.edr 1.0.112
2025-12-19 21:51:59.259 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da7fe0fb086a578eaf594ba54ec71bef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-19 21:56:35.062 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 21:56:35.143 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-19 23:51:47.844 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-19 23:51:47.925 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 01:01:58.130 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-20 01:07:55.952 [37003] info on_nebula.cpp::handle Scan complete, duration: 357
2025-12-20 01:07:55.954 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-20 01:07:55.955 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 01:07:56.053 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 02:42:26.055 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 02:42:26.143 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 04:32:14.145 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 04:32:14.239 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 06:00:58.388 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-20 06:00:58.388 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-20 06:00:58.388 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-20 06:00:58.388 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-20 06:00:58.389 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-20 06:00:58.389 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-20 06:01:08.607 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-20 06:01:09.620 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-20 06:01:18.052 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 304797687808, \"freespace_total\": 304797687808, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 704601411584, \"freespace_total\": 704601411584, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1406582784, \"free_virtual\": 8343764992, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-20 06:01:18.083 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-20 06:15:44.241 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 06:15:44.324 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 08:01:02.324 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 08:01:02.413 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 09:39:08.414 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 09:39:08.496 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 11:35:14.498 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 11:35:14.597 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 13:09:44.599 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 13:09:44.680 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 14:39:44.681 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 14:39:44.790 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 16:34:02.793 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 16:34:02.898 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 18:34:38.900 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 18:34:38.984 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 19:52:56.985 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 19:52:57.092 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 20:53:15.093 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 20:53:15.200 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-20 21:51:44.047 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-20 21:51:50.413 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-20 21:51:50.414 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-20 21:51:50.414 [37001] info on_timer.cpp::update No agent updates available
2025-12-20 21:51:50.414 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-20 21:51:50.548 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-20 21:51:50.548 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-20 21:51:50.819 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-20 21:51:51.184 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105807
2025-12-20 21:51:51.809 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105807
2025-12-20 21:51:51.809 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105807
2025-12-20 21:51:52.141 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-20 21:51:52.301 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-20 21:51:52.302 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-20 21:51:52.440 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-20 21:51:52.441 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-20 22:37:39.205 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-20 22:37:39.286 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 00:11:16.305 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 00:11:16.388 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 01:02:00.472 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-21 01:08:37.755 [37003] info on_nebula.cpp::handle Scan complete, duration: 397
2025-12-21 01:08:37.757 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-21 01:08:37.758 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 01:08:37.879 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 02:49:25.880 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 02:49:25.969 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 03:56:55.970 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 03:56:56.052 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 05:50:21.080 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 05:50:21.202 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 06:00:59.387 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-21 06:00:59.387 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-21 06:00:59.387 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-21 06:00:59.387 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-21 06:00:59.388 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-21 06:00:59.388 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-21 06:01:06.578 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-21 06:01:07.591 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-21 06:01:16.124 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 299853529088, \"freespace_total\": 299853529088, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 704208093184, \"freespace_total\": 704208093184, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1701175296, \"free_virtual\": 8337735680, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-21 06:01:16.198 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-21 06:01:16.199 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 06:01:16.304 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 07:24:04.306 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 07:24:04.405 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 08:54:04.407 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 08:54:04.488 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 10:11:29.503 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 10:11:29.604 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 11:11:47.605 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 11:11:47.688 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 12:20:37.172 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-21 12:20:37.279 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-21 12:20:37.279 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-21 12:20:37.279 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-21 12:20:37.279 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-21 12:20:37.280 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-21 12:20:41.201 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6f45523414a64eb07ef049041ac5c954:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-21 12:20:41.215 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-21 12:20:41.223 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-21 12:20:41.337 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766337641
2025-12-21 12:20:41.337 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766337641
2025-12-21 12:20:41.337 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-21 12:20:41.340 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-21 12:20:41.340 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-21 12:44:29.688 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 12:44:29.772 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 14:20:47.773 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 14:20:47.858 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 16:15:59.855 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 16:15:59.939 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 18:03:06.192 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 18:03:06.274 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 19:38:30.276 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 19:38:30.359 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 21:25:37.373 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 21:25:37.467 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-21 21:51:57.381 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-21 21:51:59.482 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6f45523414a64eb07ef049041ac5c954:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-21 21:52:03.801 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-21 21:52:03.801 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-21 21:52:03.801 [37001] info on_timer.cpp::update No agent updates available
2025-12-21 21:52:03.801 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-21 21:52:03.987 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-21 21:52:03.987 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-21 21:52:04.187 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-21 21:52:04.378 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105815
2025-12-21 21:52:05.012 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105815
2025-12-21 21:52:05.012 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105815
2025-12-21 21:52:05.070 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-21 21:52:05.249 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-21 21:52:05.249 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-21 21:52:05.381 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-21 21:52:05.382 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-21 21:52:11.542 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6f45523414a64eb07ef049041ac5c954:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-21 22:31:19.410 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-21 22:31:19.508 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 00:16:37.568 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 00:16:37.660 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 01:42:07.662 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 01:42:07.747 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 02:53:13.749 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 02:53:13.848 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 04:12:25.849 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 04:12:25.936 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 05:57:43.937 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 05:57:44.021 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 07:18:44.022 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 07:18:44.124 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 09:05:50.125 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 09:05:50.207 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 10:39:26.209 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 10:39:26.292 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 12:15:44.294 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 12:15:44.398 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 13:45:44.400 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 13:45:44.667 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 15:33:44.696 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 15:33:44.778 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 17:19:02.779 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 17:19:02.862 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 17:37:45.805 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-22 17:37:45.915 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-22 17:37:45.915 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-22 17:37:45.915 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-22 17:37:45.915 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-22 17:37:45.916 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-22 17:37:46.929 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6e4edebf412c8b144ced342a76ca856d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-22 17:37:46.930 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-22 17:37:46.931 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-22 17:37:47.035 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766443066
2025-12-22 17:37:47.035 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766443066
2025-12-22 17:37:47.044 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-22 17:37:47.046 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-22 17:37:47.046 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-22 18:30:08.863 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 18:30:08.952 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 19:51:08.952 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 19:51:09.034 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 21:15:45.035 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 21:15:45.119 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-22 21:52:09.487 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-22 21:52:15.857 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-22 21:52:15.857 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-22 21:52:15.857 [37001] info on_timer.cpp::update No agent updates available
2025-12-22 21:52:15.857 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-22 21:52:15.988 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-22 21:52:15.989 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-22 21:52:16.443 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-22 21:52:16.501 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105837
2025-12-22 21:52:17.458 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105837
2025-12-22 21:52:17.458 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105837
2025-12-22 21:52:17.786 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-22 21:52:17.936 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-22 21:52:17.936 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-22 21:52:18.065 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-22 21:52:18.066 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-22 22:41:15.124 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-22 22:41:15.208 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 00:37:21.210 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 00:37:21.294 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 01:01:59.376 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-23 01:09:03.765 [37003] info on_nebula.cpp::handle Scan complete, duration: 424
2025-12-23 01:09:03.767 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-23 01:09:03.768 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 01:09:03.915 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 02:12:03.916 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 02:12:04.012 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 03:40:16.013 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 03:40:16.108 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 05:21:58.109 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 05:21:58.220 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 06:22:17.235 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 06:22:17.343 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 06:55:38.857 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-23 06:55:38.993 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-23 06:55:38.993 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-23 06:55:38.993 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-23 06:55:38.993 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-23 06:55:38.993 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-23 06:55:40.011 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e3762f38e71267ef4ea514f919798125:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-23 06:55:40.012 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-23 06:55:40.012 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-23 06:55:40.160 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766490940
2025-12-23 06:55:40.160 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766490940
2025-12-23 06:55:40.160 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-23 06:55:40.181 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-23 06:55:40.181 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-23 07:24:23.345 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 07:24:23.428 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 09:11:29.430 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 09:11:29.533 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 11:07:35.788 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 11:07:35.869 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 11:40:25.805 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-23 11:40:25.930 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-23 11:40:25.930 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-23 11:40:25.930 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-23 11:40:25.930 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-23 11:40:25.930 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-23 11:40:25.960 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d2646161aa8c622a5b9ae42b95b34816:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-23 11:40:25.961 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-23 11:40:25.961 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-23 11:40:26.108 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766508025
2025-12-23 11:40:26.108 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766508025
2025-12-23 11:40:26.108 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-23 11:40:26.109 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-23 11:40:26.109 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-23 11:42:12.703 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-23 11:42:12.820 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-23 11:42:12.820 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-23 11:42:12.820 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-23 11:42:12.820 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-23 11:42:12.820 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-23 11:42:13.837 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "142f2557c262663b685541c72ba7928a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-23 11:42:13.837 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-23 11:42:13.838 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-23 11:42:13.987 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766508133
2025-12-23 11:42:13.987 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766508133
2025-12-23 11:42:13.987 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-23 11:42:13.988 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-23 11:42:13.988 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-23 12:13:17.869 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 12:13:17.951 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 12:53:25.358 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-23 12:53:25.490 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-23 12:53:25.490 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-23 12:53:25.490 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-23 12:53:25.490 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-23 12:53:25.490 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-23 12:53:26.511 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b7b592fe290244fd69b12daf5b8dbd20:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-23 12:53:26.511 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-23 12:53:26.511 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-23 12:53:26.604 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766512406
2025-12-23 12:53:26.604 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766512406
2025-12-23 12:53:26.604 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-23 12:53:26.605 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-23 12:53:26.605 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-23 13:39:41.951 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 13:39:42.033 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 14:42:42.034 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 14:42:42.116 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 16:27:07.134 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 16:27:07.264 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 17:50:50.279 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 17:50:50.396 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 19:28:03.422 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 19:28:03.522 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 21:08:51.524 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 21:08:51.605 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 21:52:22.368 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-23 21:52:26.214 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b7b592fe290244fd69b12daf5b8dbd20:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-23 21:52:28.719 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-23 21:52:28.728 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-23 21:52:28.728 [37001] info on_timer.cpp::update No agent updates available
2025-12-23 21:52:28.728 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-23 21:52:28.861 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-23 21:52:28.861 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-23 21:52:29.075 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-23 21:52:29.261 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105871
2025-12-23 21:52:30.085 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105871
2025-12-23 21:52:30.085 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105871
2025-12-23 21:52:30.231 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b7b592fe290244fd69b12daf5b8dbd20:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-23 21:52:30.463 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-23 21:52:30.647 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-23 21:52:30.647 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-23 21:52:30.781 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-23 21:52:30.782 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-23 22:25:21.604 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 22:25:21.687 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-23 23:53:33.686 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-23 23:53:33.789 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 01:00:01.970 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-24 01:00:02.117 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-24 01:00:02.117 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-24 01:00:02.117 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-24 01:00:02.117 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-24 01:00:02.117 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-24 01:00:02.602 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c508212c9047c51255308295849e8f45:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-24 01:00:02.602 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-24 01:00:02.602 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-24 01:00:02.741 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766556002
2025-12-24 01:00:02.742 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766556002
2025-12-24 01:00:02.742 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-24 01:00:02.742 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-24 01:00:02.742 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-24 01:37:58.028 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 01:37:58.130 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 03:07:59.146 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 03:07:59.228 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 04:23:35.728 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 04:23:35.811 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 05:29:17.813 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 05:29:17.903 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 06:01:00.024 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-24 06:01:00.025 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-24 06:01:00.025 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-24 06:01:00.025 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-24 06:01:00.025 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-24 06:01:00.026 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-24 06:01:16.388 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-24 06:01:17.404 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-24 06:01:24.872 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 306763972608, \"freespace_total\": 306763972608, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 702991294464, \"freespace_total\": 702991294464, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 511180800, \"free_virtual\": 8312832000, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\":
2025-12-24 06:01:24.940 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-24 07:19:59.901 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 07:19:59.984 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 08:43:41.986 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 08:43:42.067 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 09:26:47.919 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-24 09:26:48.039 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-24 09:26:48.039 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-24 09:26:48.039 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-24 09:26:48.039 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-24 09:26:48.040 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-24 09:26:49.055 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "bd72b8f3f2b93e0433f7d6f972f54d03:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-24 09:26:49.055 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-24 09:26:49.057 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-24 09:26:49.208 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766586409
2025-12-24 09:26:49.208 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766586409
2025-12-24 09:26:49.209 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-24 09:26:49.211 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-24 09:26:49.211 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-24 10:43:24.533 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 10:43:24.617 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 12:25:06.619 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 12:25:06.702 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 13:57:48.700 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 13:57:48.782 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 15:54:49.800 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 15:54:49.881 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 17:41:01.881 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 17:41:01.964 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 19:12:49.965 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 19:12:50.046 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 19:51:19.128 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-24 19:51:19.243 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-24 19:51:19.243 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-24 19:51:19.243 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-24 19:51:19.243 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-24 19:51:19.243 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-24 19:51:20.257 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "80328e68b35ed2be0e7524ed61f90dbe:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-24 19:51:20.258 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-24 19:51:20.258 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-24 19:51:20.450 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766623880
2025-12-24 19:51:20.450 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766623880
2025-12-24 19:51:20.450 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-24 19:51:20.450 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-24 19:51:20.450 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-24 20:29:20.048 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 20:29:20.130 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-24 21:52:35.014 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-24 21:52:39.491 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "80328e68b35ed2be0e7524ed61f90dbe:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-24 21:52:40.415 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-24 21:52:40.415 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-24 21:52:40.415 [37001] info on_timer.cpp::update No agent updates available
2025-12-24 21:52:40.415 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-24 21:52:40.548 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-24 21:52:40.548 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-24 21:52:40.834 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-24 21:52:41.070 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105891
2025-12-24 21:52:41.937 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105891
2025-12-24 21:52:41.937 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105891
2025-12-24 21:52:42.340 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-24 21:52:42.535 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-24 21:52:42.535 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-24 21:52:42.685 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-24 21:52:42.686 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-24 21:52:46.531 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "80328e68b35ed2be0e7524ed61f90dbe:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-24 22:16:04.271 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-24 22:16:04.374 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-24 22:16:04.374 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-24 22:16:04.374 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-24 22:16:04.375 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-24 22:16:04.375 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-24 22:16:05.394 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "f1c083abd061bafac9d84349e47f56d9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-24 22:16:05.394 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-24 22:16:05.394 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-24 22:16:05.547 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766632565
2025-12-24 22:16:05.547 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766632565
2025-12-24 22:16:05.547 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-24 22:16:05.548 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-24 22:16:05.548 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-24 22:29:57.142 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-24 22:29:57.224 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 00:13:28.243 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 00:13:28.349 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 02:00:34.578 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 02:00:34.660 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 03:26:58.891 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 03:26:58.992 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 04:49:46.999 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 04:49:47.085 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 05:55:29.088 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 05:55:29.174 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 06:00:58.213 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-25 06:00:58.213 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-25 06:00:58.213 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-25 06:00:58.213 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-25 06:00:58.214 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-25 06:00:58.214 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-25 06:01:09.751 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-25 06:01:10.766 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-25 06:01:18.262 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 303884275712, \"freespace_total\": 303884275712, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 702506663936, \"freespace_total\": 702506663936, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1361903616, \"free_virtual\": 8277995520, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-25 06:01:18.294 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-25 07:20:05.175 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 07:20:05.259 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 08:37:29.261 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 08:37:29.344 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 10:02:59.344 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 10:02:59.425 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 11:18:35.427 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 11:18:35.519 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 12:44:59.521 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 12:44:59.604 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 14:35:42.625 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 14:35:42.714 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 14:50:19.098 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-25 14:50:19.236 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-25 14:50:19.236 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-25 14:50:19.237 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-25 14:50:19.237 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-25 14:50:19.237 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-25 14:50:20.261 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "8205aa847ec9e7042251212b466af2a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-25 14:50:20.262 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-25 14:50:20.263 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-25 14:50:20.430 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766692220
2025-12-25 14:50:20.430 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766692220
2025-12-25 14:50:20.430 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-25 14:50:20.451 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-25 14:50:20.451 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-25 16:16:30.943 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 16:16:31.024 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 18:03:38.039 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 18:03:38.123 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 19:18:59.307 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-25 19:18:59.436 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-25 19:18:59.436 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-25 19:18:59.436 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-25 19:18:59.436 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-25 19:18:59.436 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-25 19:19:00.450 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1d27b2511bea229cff7be1e9df56a61c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-25 19:19:00.450 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-25 19:19:00.450 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-25 19:19:00.564 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766708340
2025-12-25 19:19:00.564 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766708340
2025-12-25 19:19:00.564 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-25 19:19:00.565 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-25 19:19:00.565 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-25 19:30:56.126 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 19:30:56.242 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 20:31:14.241 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 20:31:14.323 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 21:52:46.761 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-25 21:52:49.535 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1d27b2511bea229cff7be1e9df56a61c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-25 21:52:51.101 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-25 21:52:51.104 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-25 21:52:51.104 [37001] info on_timer.cpp::update No agent updates available
2025-12-25 21:52:51.104 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-25 21:52:51.254 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-25 21:52:51.254 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-25 21:52:51.501 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-25 21:52:51.565 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105903
2025-12-25 21:52:52.245 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105903
2025-12-25 21:52:52.246 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105903
2025-12-25 21:52:52.359 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-25 21:52:52.535 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-25 21:52:52.536 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-25 21:52:52.670 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-25 21:52:52.671 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-25 21:52:53.551 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1d27b2511bea229cff7be1e9df56a61c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-25 21:55:50.188 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 21:55:50.268 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-25 22:56:54.541 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-25 22:56:54.667 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-25 22:56:54.667 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-25 22:56:54.667 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-25 22:56:54.667 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-25 22:56:54.667 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-25 22:56:54.754 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "9912368faf7638fee6a90ee6edb87b6f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-25 22:56:54.754 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-25 22:56:54.754 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-25 22:56:54.846 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766721414
2025-12-25 22:56:54.846 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766721414
2025-12-25 22:56:54.846 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-25 22:56:54.847 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-25 22:56:54.847 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-25 23:39:20.408 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-25 23:39:20.491 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 00:54:57.507 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 00:54:57.612 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 01:01:59.787 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-26 01:08:50.293 [37003] info on_nebula.cpp::handle Scan complete, duration: 411
2025-12-26 01:08:50.295 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-26 01:08:50.296 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 01:08:50.432 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 03:00:26.915 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 03:00:26.996 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 04:12:26.997 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 04:12:27.078 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 05:41:35.103 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 05:41:36.324 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 06:00:58.458 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-26 06:00:58.459 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-26 06:00:58.459 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-26 06:00:58.459 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-26 06:00:58.460 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-26 06:00:58.460 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-26 06:01:10.072 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-26 06:01:11.088 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-26 06:01:20.953 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 301143502848, \"freespace_total\": 301143502848, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 701956259840, \"freespace_total\": 701956259840, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1296605184, \"free_virtual\": 8301297664, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-26 06:01:21.011 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-26 07:24:12.325 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 07:24:12.424 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 08:57:48.438 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 08:57:48.526 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 10:35:54.754 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 10:35:54.834 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 12:16:42.836 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 12:16:42.922 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 12:19:04.077 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-26 12:19:04.192 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-26 12:19:04.192 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-26 12:19:04.192 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-26 12:19:04.192 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-26 12:19:04.192 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-26 12:19:05.206 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c5ac4a119af9d24bd0a3cd317c7fe157:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-26 12:19:05.207 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-26 12:19:05.212 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-26 12:19:05.362 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766769545
2025-12-26 12:19:05.362 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766769545
2025-12-26 12:19:05.362 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-26 12:19:05.364 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-26 12:19:05.364 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-26 12:28:28.731 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-26 12:28:28.830 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-26 12:28:28.830 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-26 12:28:28.830 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-26 12:28:28.830 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-26 12:28:28.830 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-26 12:28:29.850 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "41d7f63b79b0b9296051a0f608705d13:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-26 12:28:29.850 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-26 12:28:29.850 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-26 12:28:29.986 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766770109
2025-12-26 12:28:29.986 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766770109
2025-12-26 12:28:29.986 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-26 12:28:29.987 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-26 12:28:29.988 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-26 14:15:30.926 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 14:15:31.010 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 15:31:07.012 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 15:31:07.095 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 16:33:13.111 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 16:33:13.195 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 17:17:48.781 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-26 17:17:48.924 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-26 17:17:48.924 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-26 17:17:48.924 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-26 17:17:48.924 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-26 17:17:48.924 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-26 17:17:49.938 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b664007630f634cc5862af4f3237bfcb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-26 17:17:49.938 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-26 17:17:49.938 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-26 17:17:50.084 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766787469
2025-12-26 17:17:50.084 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766787469
2025-12-26 17:17:50.084 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-26 17:17:50.085 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-26 17:17:50.085 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-26 18:20:19.197 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 18:20:19.286 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 19:25:07.288 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 19:25:07.371 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 20:36:13.373 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 20:36:13.477 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 21:52:57.110 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-26 21:52:58.974 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b664007630f634cc5862af4f3237bfcb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-26 21:53:02.564 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-26 21:53:02.564 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-26 21:53:02.564 [37001] info on_timer.cpp::update No agent updates available
2025-12-26 21:53:02.564 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-26 21:53:02.741 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-26 21:53:02.741 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-26 21:53:02.999 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-26 21:53:03.301 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105915
2025-12-26 21:53:04.174 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105915
2025-12-26 21:53:04.174 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105915
2025-12-26 21:53:04.271 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-26 21:53:04.439 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-26 21:53:04.439 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-26 21:53:04.611 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-26 21:53:04.612 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-26 21:53:07.032 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b664007630f634cc5862af4f3237bfcb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-26 22:32:20.499 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 22:32:20.581 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-26 23:52:26.582 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-26 23:52:26.664 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 00:52:45.677 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 00:52:45.758 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 02:31:45.760 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 02:31:45.849 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 04:28:45.852 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 04:28:45.934 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 05:52:27.946 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 05:52:28.035 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 06:00:58.147 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-27 06:00:58.148 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-27 06:00:58.148 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-27 06:00:58.148 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-27 06:00:58.149 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-27 06:00:58.149 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-27 06:01:09.727 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-27 06:01:10.741 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-27 06:01:19.276 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 296946999296, \"freespace_total\": 296946999296, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 701386104832, \"freespace_total\": 701386104832, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1168117760, \"free_virtual\": 8260296704, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-27 06:01:19.331 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-27 07:34:11.054 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 07:34:11.137 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 09:24:53.138 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 09:24:53.220 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 10:51:59.724 [37003] info client.cpp::sync Command received : event.policy.refresh
2025-12-27 10:51:59.850 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2025-12-27 10:51:59.850 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2025-12-27 10:51:59.850 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-27 10:51:59.850 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2025-12-27 10:51:59.851 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2025-12-27 10:52:00.868 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-27 10:52:00.868 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2025-12-27 10:52:00.869 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2025-12-27 10:52:00.969 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1766850720
2025-12-27 10:52:00.969 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1766850720
2025-12-27 10:52:00.970 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2025-12-27 10:52:00.972 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2025-12-27 10:52:00.972 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2025-12-27 10:53:06.234 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 10:53:06.319 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 12:24:54.322 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 12:24:54.423 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 13:34:12.424 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 13:34:12.509 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 15:01:30.750 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 15:01:30.857 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 16:13:31.087 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 16:13:31.170 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 17:30:01.172 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 17:30:01.252 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 18:48:19.254 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 18:48:19.335 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 20:26:25.337 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 20:26:25.440 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 21:53:08.789 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-27 21:53:12.713 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-27 21:53:14.189 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-27 21:53:14.190 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-27 21:53:14.190 [37001] info on_timer.cpp::update No agent updates available
2025-12-27 21:53:14.190 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-27 21:53:14.326 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-27 21:53:14.326 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-27 21:53:14.605 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-27 21:53:14.858 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105947
2025-12-27 21:53:15.724 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105947
2025-12-27 21:53:15.724 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105947
2025-12-27 21:53:16.089 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-27 21:53:16.255 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-27 21:53:16.256 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-27 21:53:16.389 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-27 21:53:16.390 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-27 21:53:20.747 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-27 22:16:14.459 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 22:16:14.541 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-27 23:53:27.558 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-27 23:53:27.640 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 01:01:59.673 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-28 01:08:42.565 [37003] info on_nebula.cpp::handle Scan complete, duration: 403
2025-12-28 01:08:42.566 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-28 01:08:42.568 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 01:08:42.707 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 02:10:48.709 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 02:10:48.799 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 03:17:24.801 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 03:17:24.892 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 04:36:36.896 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 04:36:37.002 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 06:01:11.876 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-28 06:01:11.885 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-28 06:01:11.885 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-28 06:01:11.885 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-28 06:01:11.886 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-28 06:01:11.886 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-28 06:01:19.834 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-28 06:01:20.881 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-28 06:01:30.545 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 292997324800, \"freespace_total\": 292997324800, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 700732334080, \"freespace_total\": 700732334080, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1587494912, \"free_virtual\": 8205615104, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-28 06:01:30.599 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-28 06:01:30.600 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 06:01:30.720 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 07:51:18.722 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 07:51:18.805 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 09:05:06.807 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 09:05:06.891 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 10:50:24.892 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 10:50:25.001 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 11:58:49.228 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 11:58:49.310 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 13:18:01.537 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 13:18:01.626 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 13:38:41.954 [37003] info client.cpp::registerRefresh nebula client refresh success
2025-12-28 13:38:41.954 [37003] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2025-12-28 13:38:41.978 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 13:38:42.060 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 14:52:30.062 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 14:52:30.144 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 16:15:19.160 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 16:15:19.240 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 17:22:49.240 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 17:22:49.324 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 19:18:01.326 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 19:18:01.412 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 21:06:01.410 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 21:06:01.496 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 21:53:21.185 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-28 21:53:25.438 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-28 21:53:25.626 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-28 21:53:25.626 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-28 21:53:25.626 [37001] info on_timer.cpp::update No agent updates available
2025-12-28 21:53:25.626 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-28 21:53:25.765 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-28 21:53:25.765 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-28 21:53:25.989 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-28 21:53:26.058 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.105981
2025-12-28 21:53:27.170 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.105981
2025-12-28 21:53:27.170 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.105981
2025-12-28 21:53:27.564 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-28 21:53:27.773 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-28 21:53:27.773 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-28 21:53:27.911 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-28 21:53:27.912 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-28 21:53:29.456 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-28 22:06:19.484 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 22:06:19.567 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-28 23:49:49.816 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-28 23:49:49.900 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 01:01:58.172 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-29 01:08:58.751 [37003] info on_nebula.cpp::handle Scan complete, duration: 420
2025-12-29 01:08:58.753 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-29 01:08:58.754 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 01:08:58.899 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 02:23:40.901 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 02:23:40.989 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 03:46:28.991 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 03:46:29.074 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 04:58:30.088 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 04:58:30.170 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 06:15:01.200 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 06:15:01.292 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 08:11:07.294 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 08:11:07.403 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 09:38:26.426 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 09:38:26.513 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 10:47:45.528 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 10:47:45.612 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 12:33:57.613 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 12:33:57.694 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 13:50:27.696 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 13:50:27.782 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 15:15:03.783 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 15:15:03.871 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 16:48:39.872 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 16:48:39.974 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 18:33:03.975 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 18:33:04.069 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 20:21:04.070 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 20:21:04.151 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 21:53:32.176 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-29 21:53:35.832 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-29 21:53:37.530 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-29 21:53:37.530 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-29 21:53:37.530 [37001] info on_timer.cpp::update No agent updates available
2025-12-29 21:53:37.530 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-29 21:53:37.698 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-29 21:53:37.698 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-29 21:53:38.186 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-29 21:53:38.446 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106019
2025-12-29 21:53:39.247 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106019
2025-12-29 21:53:39.247 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106019
2025-12-29 21:53:39.368 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-29 21:53:39.538 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-29 21:53:39.539 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-29 21:53:39.672 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-29 21:53:39.674 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-29 21:53:43.866 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-29 22:13:34.150 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 22:13:34.232 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-29 23:41:46.237 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-29 23:41:46.337 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 00:46:34.340 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 00:46:34.422 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 01:01:59.927 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-30 01:08:25.145 [37003] info on_nebula.cpp::handle Scan complete, duration: 386
2025-12-30 01:08:25.146 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-30 01:08:25.147 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 01:08:25.261 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 02:51:55.263 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 02:51:55.364 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 04:06:38.381 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 04:06:38.466 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 05:48:20.957 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 05:48:21.112 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 07:22:51.342 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 07:22:51.423 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 08:50:09.425 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 08:50:09.526 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 10:04:51.528 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 10:04:51.609 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 11:39:21.611 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 11:39:21.694 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 12:45:04.709 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 12:45:04.794 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 14:10:35.027 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 14:10:35.123 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 15:21:42.142 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 15:21:42.223 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 17:07:00.224 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 17:07:00.316 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 18:35:13.334 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 18:35:13.416 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 20:03:25.656 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 20:03:25.756 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 21:40:37.757 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 21:40:37.839 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-30 21:53:44.527 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-30 21:53:50.901 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-30 21:53:50.902 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-30 21:53:50.902 [37001] info on_timer.cpp::update No agent updates available
2025-12-30 21:53:50.902 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-30 21:53:51.058 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-30 21:53:51.058 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-30 21:53:51.566 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-30 21:53:51.839 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106033
2025-12-30 21:53:52.580 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106033
2025-12-30 21:53:52.580 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106033
2025-12-30 21:53:52.732 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-30 21:53:52.925 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-30 21:53:52.925 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-30 21:53:53.060 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-30 21:53:53.062 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-30 23:18:43.839 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-30 23:18:43.922 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 01:01:59.079 [37003] info on_nebula.cpp::handle Performing threat scan
2025-12-31 01:09:00.106 [37003] info on_nebula.cpp::handle Scan complete, duration: 421
2025-12-31 01:09:00.107 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-31 01:09:00.109 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 01:09:00.193 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 02:52:30.195 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 02:52:30.276 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 04:21:36.277 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 04:21:36.386 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 05:38:07.620 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 05:38:07.721 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 06:01:00.837 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2025-12-31 06:01:00.837 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2025-12-31 06:01:00.838 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2025-12-31 06:01:00.838 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2025-12-31 06:01:00.838 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2025-12-31 06:01:00.839 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2025-12-31 06:01:09.399 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2025-12-31 06:01:10.415 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2025-12-31 06:01:18.935 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 305429471232, \"freespace_total\": 305429471232, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 698855481344, \"freespace_total\": 698855481344, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1401389056, \"free_virtual\": 8203137024, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2025-12-31 06:01:18.964 [37003] info schedule_store.cpp::save Saved nebula schedules
2025-12-31 06:40:13.722 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 06:40:13.851 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 08:32:43.853 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 08:32:43.934 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 09:56:25.936 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 09:56:26.017 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 11:04:50.019 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 11:04:50.106 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 12:22:14.108 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 12:22:14.192 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 13:32:26.194 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 13:32:26.276 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 15:18:38.279 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 15:18:38.361 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 16:54:56.362 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 16:54:56.444 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 18:51:02.447 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 18:51:02.529 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 20:14:44.532 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 20:14:44.633 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 21:35:44.634 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 21:35:44.719 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2025-12-31 21:53:57.373 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-31 21:54:00.097 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-31 21:54:02.743 [37001] info sirius.cpp::downloadUpdates No available packages to update
2025-12-31 21:54:02.743 [37001] info update.cpp::launchAgentUpdate No agent updates available
2025-12-31 21:54:02.743 [37001] info on_timer.cpp::update No agent updates available
2025-12-31 21:54:02.743 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-31 21:54:02.893 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2025-12-31 21:54:02.893 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2025-12-31 21:54:03.199 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2025-12-31 21:54:03.269 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106057
2025-12-31 21:54:03.984 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106057
2025-12-31 21:54:03.984 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106057
2025-12-31 21:54:04.099 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2025-12-31 21:54:04.119 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2025-12-31 21:54:04.291 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2025-12-31 21:54:04.296 [37001] info sirius.cpp::downloadUpdates checking for new updates
2025-12-31 21:54:04.431 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2025-12-31 21:54:04.433 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2025-12-31 23:23:44.722 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2025-12-31 23:23:44.806 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 00:46:32.805 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 00:46:32.905 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 01:01:58.942 [37003] info on_nebula.cpp::handle Performing threat scan
2026-01-01 01:08:44.347 [37003] info on_nebula.cpp::handle Scan complete, duration: 406
2026-01-01 01:08:44.348 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-01 01:08:44.349 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 01:08:44.491 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 02:18:02.492 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 02:18:02.645 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 03:24:38.887 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 03:24:38.973 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 05:25:15.234 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 05:25:15.322 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 06:37:15.323 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 06:37:15.410 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 07:40:15.411 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 07:40:15.494 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 08:50:28.508 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 08:50:28.593 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 10:35:46.613 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 10:35:46.715 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 12:14:46.954 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 12:14:47.036 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 13:22:17.037 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 13:22:17.135 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 14:39:41.138 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 14:39:41.220 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 16:07:53.222 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 16:07:53.305 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 17:53:11.535 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 17:53:11.617 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 19:29:29.618 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 19:29:29.700 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 21:07:35.719 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 21:07:35.813 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-01 21:54:09.269 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-01 21:54:11.828 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-01 21:54:15.645 [37001] info sirius.cpp::downloadUpdates No available packages to update
2026-01-01 21:54:15.645 [37001] info update.cpp::launchAgentUpdate No agent updates available
2026-01-01 21:54:15.645 [37001] info on_timer.cpp::update No agent updates available
2026-01-01 21:54:15.645 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-01 21:54:15.791 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-01 21:54:15.791 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-01 21:54:16.069 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-01 21:54:16.134 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106083
2026-01-01 21:54:17.244 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106083
2026-01-01 21:54:17.244 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106083
2026-01-01 21:54:17.648 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-01 21:54:17.848 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-01 21:54:17.848 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-01 21:54:17.984 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-01 21:54:17.986 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-01 21:54:18.868 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d56c80563db7fcabc83f48a31f2aa7f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-01 22:24:05.817 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-01 22:24:05.900 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 00:17:30.155 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 00:17:30.237 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 01:01:58.355 [37003] info on_nebula.cpp::handle Performing threat scan
2026-01-02 01:08:39.645 [37003] info on_nebula.cpp::handle Scan complete, duration: 401
2026-01-02 01:08:39.647 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-02 01:08:39.648 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 01:08:39.755 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 02:53:03.757 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 02:53:03.839 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 04:39:15.841 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 04:39:15.926 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 05:51:15.928 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 05:51:16.012 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 06:01:00.194 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-02 06:01:00.194 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-02 06:01:00.194 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-02 06:01:00.194 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-02 06:01:00.195 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-02 06:01:00.195 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-02 06:01:10.757 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-02 06:01:10.772 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-02 06:01:23.057 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 302287208448, \"freespace_total\": 302287208448, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 697528143872, \"freespace_total\": 697528143872, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 535068672, \"free_virtual\": 8215572480, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\":
2026-01-02 06:01:23.132 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-02 06:01:23.140 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 06:01:23.221 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 07:58:23.448 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 07:58:23.566 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 09:04:05.568 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 09:04:05.651 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 10:39:29.653 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 10:39:29.763 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 12:09:30.780 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 12:09:30.861 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 12:14:36.127 [37003] info client.cpp::callSync []
2026-01-02 12:14:36.258 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-02 12:14:36.258 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-02 12:14:36.258 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-02 12:14:36.258 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-02 12:14:37.270 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6de377f21af441c138fc2b0954adc285:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-02 12:14:37.375 [37003] info client.cpp::syncExclusions Updated exclusions: 26f39a911feb93d02026b2fb5891f62d
2026-01-02 12:14:37.375 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-02 12:14:37.379 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 26f39a911feb93d02026b2fb5891f62d
2026-01-02 12:14:37.379 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-02 12:14:37.381 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-02 12:14:37.381 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-02 12:14:37.384 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 12:14:37.469 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 13:26:25.666 [37003] info client.cpp::sync Command received : event.policy.refresh
2026-01-02 13:26:25.776 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-02 13:26:25.776 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-02 13:26:25.776 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-02 13:26:25.776 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-02 13:26:25.777 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-02 13:26:26.797 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "50fdde446698b382a7d0936acb8a9cad:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-02 13:26:26.798 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-02 13:26:26.799 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-02 13:26:26.901 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1767378386
2026-01-02 13:26:26.901 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767378386
2026-01-02 13:26:26.901 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-02 13:26:26.902 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-02 13:26:26.902 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-02 13:32:01.490 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 13:32:01.605 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 14:54:49.606 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 14:54:49.691 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 16:35:37.938 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 16:35:38.022 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 18:11:57.037 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 18:11:57.118 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 19:19:27.119 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 19:19:27.223 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 19:51:39.784 [37003] info client.cpp::sync Command received : event.policy.refresh
2026-01-02 19:51:39.930 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-02 19:51:39.930 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-02 19:51:39.930 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-02 19:51:39.931 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-02 19:51:39.931 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-02 19:51:40.944 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b21798344d0e3e99c60e5f0b0235e886:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-02 19:51:40.944 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-02 19:51:40.944 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-02 19:51:41.047 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1767401500
2026-01-02 19:51:41.047 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767401500
2026-01-02 19:51:41.047 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-02 19:51:41.047 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-02 19:51:41.047 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-02 20:38:39.238 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 20:38:39.328 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 21:54:22.656 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-02 21:54:29.048 [37001] info sirius.cpp::downloadUpdates No available packages to update
2026-01-02 21:54:29.049 [37001] info update.cpp::launchAgentUpdate No agent updates available
2026-01-02 21:54:29.049 [37001] info on_timer.cpp::update No agent updates available
2026-01-02 21:54:29.049 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-02 21:54:29.187 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-02 21:54:29.187 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-02 21:54:29.405 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-02 21:54:29.471 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106105
2026-01-02 21:54:30.246 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106105
2026-01-02 21:54:30.247 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106105
2026-01-02 21:54:30.363 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-02 21:54:30.524 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-02 21:54:30.524 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-02 21:54:30.658 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-02 21:54:30.659 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-02 22:06:51.311 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 22:06:51.396 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-02 23:35:04.437 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-02 23:35:04.521 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 00:47:04.522 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 00:47:04.605 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 02:46:46.607 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 02:46:46.717 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 04:07:46.720 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 04:07:46.825 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 04:33:29.194 [37003] info client.cpp::callSync []
2026-01-03 04:33:30.329 [37003] info client.cpp::syncExclusions Updated exclusions: 8583bd4842a911f7d4bfbabe354e2763
2026-01-03 04:33:30.329 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 8583bd4842a911f7d4bfbabe354e2763
2026-01-03 04:33:30.329 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-03 04:33:30.339 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-03 04:33:30.339 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-03 04:33:30.341 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 04:33:30.448 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 06:01:00.505 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-03 06:01:00.506 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-03 06:01:00.506 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-03 06:01:00.506 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-03 06:01:00.507 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-03 06:01:00.507 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-03 06:01:11.025 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-03 06:01:12.043 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-03 06:01:25.887 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 299902402560, \"freespace_total\": 299902402560, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 696838582272, \"freespace_total\": 696838582272, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 511156224, \"free_virtual\": 8200630272, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\":
2026-01-03 06:01:25.946 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-03 06:07:06.450 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 06:07:06.536 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 08:04:06.771 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 08:04:06.854 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 09:16:06.855 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 09:16:06.941 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 10:40:42.943 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 10:40:43.024 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 12:35:01.026 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 12:35:01.110 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 14:12:13.114 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 14:12:13.196 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 15:53:55.198 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 15:53:55.280 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 17:23:55.281 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 17:23:55.362 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 19:02:01.594 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 19:02:01.677 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 20:46:25.679 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 20:46:25.770 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 21:54:35.341 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-03 21:54:41.743 [37001] info sirius.cpp::downloadUpdates No available packages to update
2026-01-03 21:54:41.743 [37001] info update.cpp::launchAgentUpdate No agent updates available
2026-01-03 21:54:41.743 [37001] info on_timer.cpp::update No agent updates available
2026-01-03 21:54:41.743 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-03 21:54:41.916 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-03 21:54:41.916 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-03 21:54:42.165 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-03 21:54:42.243 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106117
2026-01-03 21:54:42.983 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106117
2026-01-03 21:54:42.983 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106117
2026-01-03 21:54:43.042 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-03 21:54:43.211 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-03 21:54:43.212 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-03 21:54:43.357 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-03 21:54:43.359 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-03 22:25:25.768 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 22:25:25.850 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-03 23:36:31.852 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-03 23:36:31.935 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 01:01:59.154 [37003] info on_nebula.cpp::handle Performing threat scan
2026-01-04 01:08:33.632 [37003] info on_nebula.cpp::handle Scan complete, duration: 394
2026-01-04 01:08:33.634 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-04 01:08:33.635 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 01:08:33.751 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 02:19:40.770 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 02:19:40.886 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 04:05:52.889 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 04:05:52.973 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 05:41:16.973 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 05:41:17.060 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 06:00:58.266 [37003] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-04 06:00:58.266 [37003] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-04 06:00:58.266 [37003] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-04 06:00:58.266 [37003] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-04 06:00:58.267 [37003] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-04 06:00:58.267 [37003] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-04 06:01:09.810 [37003] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-04 06:01:09.824 [37003] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-04 06:01:18.302 [37003] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 297289125888, \"freespace_total\": 297289125888, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 696195997696, \"freespace_total\": 696195997696, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 753270784, \"free_virtual\": 8202203136, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\":
2026-01-04 06:01:18.367 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-04 06:01:18.369 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 06:01:18.488 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 07:12:24.489 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 07:12:24.573 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 08:48:42.574 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 08:48:42.656 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 10:20:30.657 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 10:20:30.742 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 12:19:18.743 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 12:19:18.845 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 13:53:48.845 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 13:53:48.928 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 15:07:36.929 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 15:07:37.010 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 16:44:49.011 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 16:44:49.094 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 18:05:50.109 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 18:05:50.191 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 19:24:08.193 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 19:24:08.286 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 21:23:50.287 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 21:23:50.398 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-04 21:54:47.938 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-04 21:54:50.079 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b21798344d0e3e99c60e5f0b0235e886:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-04 21:54:53.288 [37001] info sirius.cpp::downloadUpdates No available packages to update
2026-01-04 21:54:53.288 [37001] info update.cpp::launchAgentUpdate No agent updates available
2026-01-04 21:54:53.288 [37001] info on_timer.cpp::update No agent updates available
2026-01-04 21:54:53.288 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-04 21:54:53.440 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-04 21:54:53.440 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-04 21:54:53.722 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-04 21:54:54.227 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106125
2026-01-04 21:54:55.001 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106125
2026-01-04 21:54:55.001 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106125
2026-01-04 21:54:55.181 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-04 21:54:55.369 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-04 21:54:55.369 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-04 21:54:55.503 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-04 21:54:55.505 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-04 21:55:28.001 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b21798344d0e3e99c60e5f0b0235e886:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-04 22:46:38.396 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-04 22:46:38.498 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 00:11:14.499 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 00:11:14.600 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 01:01:58.680 [37003] info on_nebula.cpp::handle Performing threat scan
2026-01-05 01:09:00.703 [37003] info on_nebula.cpp::handle Scan complete, duration: 422
2026-01-05 01:09:00.704 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-05 01:09:00.705 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 01:09:00.868 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 02:22:48.870 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 02:22:48.969 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 03:30:19.208 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 03:30:19.297 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 04:53:07.550 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 04:53:07.641 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 06:20:25.643 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 06:20:25.730 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 07:20:43.731 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 07:20:43.814 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 08:22:49.817 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 08:22:49.901 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 09:54:09.076 [37003] info client.cpp::sync Command received : event.policy.refresh
2026-01-05 09:54:09.463 [37003] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-05 09:54:09.463 [37003] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-05 09:54:09.463 [37003] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-05 09:54:09.463 [37003] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-05 09:54:09.463 [37003] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-05 09:54:10.478 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "308d3a8bd59a1dd1a56fc2178feee32b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-05 09:54:10.478 [37003] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-05 09:54:10.478 [37003] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-05 09:54:11.164 [37003] info client.cpp::syncExclusions Updated exclusions: nebula-1767624850
2026-01-05 09:54:11.164 [37003] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767624850
2026-01-05 09:54:11.164 [37003] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-05 09:54:11.167 [37003] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-05 09:54:11.167 [37003] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-05 09:55:31.902 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 09:55:31.986 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 11:39:55.988 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 11:39:56.092 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 12:41:08.093 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 12:41:08.178 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 14:07:32.180 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 14:07:32.262 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 16:06:20.263 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 16:06:20.344 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 18:06:56.346 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 18:06:56.428 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 19:38:44.430 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 19:38:44.513 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 21:02:26.514 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 21:02:26.623 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-05 21:55:00.351 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-05 21:55:02.558 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "308d3a8bd59a1dd1a56fc2178feee32b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-05 21:55:05.750 [37001] info sirius.cpp::downloadUpdates No available packages to update
2026-01-05 21:55:05.750 [37001] info update.cpp::launchAgentUpdate No agent updates available
2026-01-05 21:55:05.750 [37001] info on_timer.cpp::update No agent updates available
2026-01-05 21:55:05.750 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-05 21:55:05.918 [37001] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-05 21:55:05.918 [37001] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-05 21:55:06.150 [37001] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-05 21:55:06.220 [37001] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106151
2026-01-05 21:55:06.575 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "308d3a8bd59a1dd1a56fc2178feee32b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-05 21:55:07.372 [37001] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106151
2026-01-05 21:55:07.372 [37001] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106151
2026-01-05 21:55:07.682 [37001] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-05 21:55:07.848 [37001] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-05 21:55:07.849 [37001] info sirius.cpp::downloadUpdates checking for new updates
2026-01-05 21:55:08.002 [37001] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-05 21:55:08.003 [37001] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-05 22:40:32.624 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-05 22:40:32.732 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 00:17:44.969 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 00:17:45.057 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 01:01:59.090 [37003] info on_nebula.cpp::handle Performing threat scan
2026-01-06 01:08:10.761 [37003] info on_nebula.cpp::handle Scan complete, duration: 371
2026-01-06 01:08:10.763 [37003] info schedule_store.cpp::save Saved nebula schedules
2026-01-06 01:08:10.765 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 01:08:10.884 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 02:18:22.885 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 02:18:22.997 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 04:04:34.998 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 04:04:35.094 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 05:50:47.097 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 05:50:47.206 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 06:53:47.207 [37003] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 06:53:47.292 [37003] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 07:19:45.459 [37000] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-06 07:19:47.748 [37003] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "308d3a8bd59a1dd1a56fc2178feee32b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-06 07:19:48.195 [37004] info communicator.cpp::processor processing exited
2026-01-06 07:20:02.462 [36982] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-06 07:20:03.462 [36982] info mbdaemon.cpp::main Exiting Main - 0
2026-01-06 08:22:57.025 [1585] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-06 08:22:57.166 [1585] info mbdaemon.cpp::main logLevel is info
2026-01-06 08:22:57.285 [1585] info mbdaemon.cpp::main syslogLevel is warn
2026-01-06 08:22:57.285 [1585] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-06 08:22:57.285 [1585] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-06 08:22:58.498 [1585] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-06 08:22:59.074 [1585] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-06 08:23:00.573 [1585] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-06 08:23:00.574 [2525] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-06 08:23:00.574 [2529] info communicator.cpp::processor processing starting
2026-01-06 08:23:00.574 [2526] info sirius.cpp::downloadUpdates checking for new updates
2026-01-06 08:23:06.774 [2526] info sirius.cpp::downloadUpdates No available packages to update
2026-01-06 08:23:06.843 [2526] info update.cpp::launchAgentUpdate No agent updates available
2026-01-06 08:23:06.843 [2526] info on_timer.cpp::update No agent updates available
2026-01-06 08:23:06.979 [2526] info sirius.cpp::downloadUpdates checking for new updates
2026-01-06 08:23:07.019 [2528] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-06 08:23:07.113 [2528] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-06 08:23:07.113 [2528] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-06 08:23:07.113 [2528] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-06 08:23:07.195 [2526] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-06 08:23:07.195 [2526] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-06 08:23:07.432 [2526] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-06 08:23:07.781 [2526] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106167
2026-01-06 08:23:08.778 [2526] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106167
2026-01-06 08:23:08.778 [2526] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106167
2026-01-06 08:23:08.881 [2526] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-06 08:23:09.005 [2528] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-06 08:23:09.005 [2528] info sirius.cpp::downloadUpdates checking for new updates
2026-01-06 08:23:09.075 [2526] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-06 08:23:09.167 [2528] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-06 08:23:09.167 [2528] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-06 08:23:09.167 [2528] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-06 08:23:09.428 [2528] info schedule_store.cpp::load Loaded nebula schedules
2026-01-06 08:23:09.598 [2528] info client.cpp::callSync []
2026-01-06 08:23:10.694 [2528] info client.cpp::syncExclusions Updated exclusions: fedd93b7176891f7f1547fe1835f9c75
2026-01-06 08:23:10.737 [2528] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-06 08:23:10.737 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 08:23:10.818 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 08:23:14.823 [2528] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "308d3a8bd59a1dd1a56fc2178feee32b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-06 08:23:14.831 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: fedd93b7176891f7f1547fe1835f9c75
2026-01-06 08:23:14.831 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-06 08:23:14.831 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-06 08:23:14.948 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-06 08:49:34.389 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 08:49:34.472 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 10:09:40.473 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 10:09:40.578 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 11:33:22.578 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 11:33:22.680 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 11:43:57.806 [2528] info client.cpp::sync Command received : event.policy.refresh
2026-01-06 11:43:57.952 [2528] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-06 11:43:57.952 [2528] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-06 11:43:57.952 [2528] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-06 11:43:57.952 [2528] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-06 11:43:57.952 [2528] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-06 11:43:58.959 [2528] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "84f5604d778c159c65ce902c860827a8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-06 11:43:58.960 [2528] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-06 11:43:58.960 [2528] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-06 11:43:59.050 [2528] info client.cpp::syncExclusions Updated exclusions: nebula-1767717838
2026-01-06 11:43:59.050 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767717838
2026-01-06 11:43:59.050 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-06 11:43:59.051 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-06 11:43:59.051 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-06 12:33:40.681 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 12:33:40.781 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 14:07:16.782 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 14:07:16.884 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 16:02:29.891 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 16:02:29.974 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 16:13:05.059 [2528] info client.cpp::sync Command received : event.policy.refresh
2026-01-06 16:13:05.159 [2528] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-06 16:13:05.159 [2528] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-06 16:13:05.159 [2528] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-06 16:13:05.159 [2528] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-06 16:13:05.160 [2528] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-06 16:13:06.480 [2528] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6503a6a8260058e4f67bf5da32b62a72:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-06 16:13:06.480 [2528] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-06 16:13:06.480 [2528] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-06 16:13:06.653 [2528] info client.cpp::syncExclusions Updated exclusions: nebula-1767733986
2026-01-06 16:13:06.653 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767733986
2026-01-06 16:13:06.653 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-06 16:13:06.653 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-06 16:13:06.654 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-06 16:43:51.087 [2528] info client.cpp::sync Command received : event.policy.refresh
2026-01-06 16:43:51.220 [2528] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-06 16:43:51.220 [2528] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-06 16:43:51.220 [2528] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-06 16:43:51.220 [2528] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-06 16:43:51.220 [2528] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-06 16:43:52.225 [2528] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "01f49ee8448f89a087868b8b1d2567c2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-06 16:43:52.226 [2528] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-06 16:43:52.226 [2528] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-06 16:43:52.376 [2528] info client.cpp::syncExclusions Updated exclusions: nebula-1767735832
2026-01-06 16:43:52.376 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767735832
2026-01-06 16:43:52.376 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-06 16:43:52.376 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-06 16:43:52.376 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-06 17:45:05.976 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 17:45:06.060 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 18:46:19.068 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 18:46:19.153 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 20:04:37.154 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 20:04:37.238 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 20:17:59.923 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 20:18:07.245 [2528] info web_socket.cpp::connectIfNeeded LibraryError at /src/nebula/web_socket.cpp:63 ()
2026-01-06 20:18:08.410 [2528] info client.cpp::callSync []
2026-01-06 20:18:09.505 [2528] info client.cpp::syncExclusions Updated exclusions: 826e3a57431d0e50c80c2400722e242e
2026-01-06 20:18:09.505 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 826e3a57431d0e50c80c2400722e242e
2026-01-06 20:18:09.505 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-06 20:18:09.506 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-06 20:18:09.506 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-06 20:18:29.533 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 20:18:29.618 [2528] info web_socket.cpp::connectIfNeeded LibraryError at /src/nebula/web_socket.cpp:63 ()
2026-01-06 20:19:29.700 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 20:19:29.798 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 21:36:53.800 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 21:36:53.882 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-06 22:37:00.346 [2528] info client.cpp::sync Command received : event.policy.refresh
2026-01-06 22:37:00.449 [2528] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-06 22:37:00.449 [2528] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-06 22:37:00.449 [2528] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-06 22:37:00.449 [2528] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-06 22:37:00.449 [2528] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-06 22:37:01.530 [2528] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "600c68a97753f7443dc37279fa866e2b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-06 22:37:01.531 [2528] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-06 22:37:01.531 [2528] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-06 22:37:01.620 [2528] info client.cpp::syncExclusions Updated exclusions: nebula-1767757021
2026-01-06 22:37:01.620 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767757021
2026-01-06 22:37:01.620 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-06 22:37:01.620 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-06 22:37:01.621 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-06 22:43:29.885 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-06 22:43:29.966 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 00:26:05.966 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 00:26:06.047 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 01:02:00.142 [2528] info on_nebula.cpp::handle Performing threat scan
2026-01-07 01:07:24.857 [2528] info on_nebula.cpp::handle Scan complete, duration: 324
2026-01-07 01:07:24.860 [2528] info schedule_store.cpp::save Saved nebula schedules
2026-01-07 01:07:24.861 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 01:07:24.997 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 02:40:06.999 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 02:40:07.082 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 04:16:25.085 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 04:16:25.171 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 06:01:00.287 [2528] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-07 06:01:00.287 [2528] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-07 06:01:00.287 [2528] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-07 06:01:00.287 [2528] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-07 06:01:00.287 [2528] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-07 06:01:00.288 [2528] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-07 06:01:08.070 [2528] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-07 06:01:09.119 [2528] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-07 06:01:20.191 [2528] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 361740951552, \"freespace_total\": 361740951552, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 747432251392, \"freespace_total\": 747432251392, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7421960192, \"free_virtual\": 8589930496, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-07 06:01:20.311 [2528] info schedule_store.cpp::save Saved nebula schedules
2026-01-07 06:08:01.172 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 06:08:01.253 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 07:19:21.866 [2528] info client.cpp::sync Command received : event.policy.refresh
2026-01-07 07:19:22.002 [2528] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-07 07:19:22.002 [2528] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-07 07:19:22.002 [2528] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-07 07:19:22.002 [2528] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-07 07:19:22.002 [2528] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-07 07:19:23.014 [2528] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3e076aa636c93651ed64759352b80b96:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-07 07:19:23.563 [2528] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-07 07:19:23.563 [2528] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-07 07:19:23.716 [2528] info client.cpp::syncExclusions Updated exclusions: nebula-1767788363
2026-01-07 07:19:23.716 [2528] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767788363
2026-01-07 07:19:23.716 [2528] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-07 07:19:23.717 [2528] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-07 07:19:23.717 [2528] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-07 07:25:25.256 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 07:25:25.337 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 08:53:37.340 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 08:53:37.441 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 09:56:37.443 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 09:56:37.527 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 11:13:07.534 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 11:13:07.615 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 12:35:55.618 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 12:35:55.722 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 13:47:55.723 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 13:47:55.804 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 15:48:31.803 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 15:48:31.910 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 17:03:13.911 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 17:03:13.993 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 18:42:13.994 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 18:42:14.076 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 20:07:44.077 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 20:07:44.159 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 21:28:44.163 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 21:28:44.244 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-07 23:00:32.244 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-07 23:00:32.328 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 00:55:44.331 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 00:55:44.413 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 01:02:00.562 [2528] info on_nebula.cpp::handle Performing threat scan
2026-01-08 01:07:40.060 [2528] info on_nebula.cpp::handle Scan complete, duration: 340
2026-01-08 01:07:40.061 [2528] info schedule_store.cpp::save Saved nebula schedules
2026-01-08 01:07:40.063 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 01:07:40.184 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 02:23:16.185 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 02:23:16.273 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 04:14:52.275 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 04:14:52.356 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 05:55:40.357 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 05:55:40.439 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 06:00:58.569 [2528] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-08 06:00:58.570 [2528] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-08 06:00:58.570 [2528] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-08 06:00:58.570 [2528] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-08 06:00:58.570 [2528] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-08 06:00:58.570 [2528] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-08 06:01:10.044 [2528] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-08 06:01:11.054 [2528] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-08 06:01:19.468 [2528] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 360336457728, \"freespace_total\": 360336457728, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 746699517952, \"freespace_total\": 746699517952, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11842273280, \"free_virtual\": 8581271552, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-08 06:01:19.501 [2528] info schedule_store.cpp::save Saved nebula schedules
2026-01-08 06:01:19.502 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 06:01:19.613 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 07:16:55.614 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 07:16:55.699 [2528] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 07:23:17.408 [2526] info sirius.cpp::downloadUpdates checking for new updates
2026-01-08 07:23:23.748 [2526] info sirius.cpp::downloadUpdates No available packages to update
2026-01-08 07:23:23.748 [2526] info update.cpp::launchAgentUpdate No agent updates available
2026-01-08 07:23:23.748 [2526] info on_timer.cpp::update No agent updates available
2026-01-08 07:23:23.748 [2526] info sirius.cpp::downloadUpdates checking for new updates
2026-01-08 07:23:23.890 [2526] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-08 07:23:23.890 [2526] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-08 07:23:24.170 [2526] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-08 07:23:24.238 [2526] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106233
2026-01-08 07:23:24.988 [2526] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106233
2026-01-08 07:23:24.988 [2526] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106233
2026-01-08 07:23:25.109 [2526] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-08 07:23:25.297 [2526] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-08 07:23:25.297 [2526] info sirius.cpp::downloadUpdates checking for new updates
2026-01-08 07:23:25.571 [2526] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-08 07:23:25.574 [2526] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-08 09:04:55.700 [2528] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 13:33:21.071 [6124] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-08 13:33:21.076 [6124] info mbdaemon.cpp::main logLevel is info
2026-01-08 13:33:21.076 [6124] info mbdaemon.cpp::main syslogLevel is warn
2026-01-08 13:33:21.076 [6124] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-08 13:33:21.076 [6124] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-08 13:33:21.234 [6124] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-08 13:33:21.301 [6124] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-08 13:33:21.576 [6124] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-08 13:33:21.576 [8036] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-08 13:33:21.576 [8040] info communicator.cpp::processor processing starting
2026-01-08 13:33:21.576 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-08 13:33:25.940 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-08 13:33:25.941 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-08 13:33:25.941 [8037] info on_timer.cpp::update No agent updates available
2026-01-08 13:33:25.941 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-08 13:33:25.944 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-08 13:33:25.944 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-08 13:33:25.944 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-08 13:33:25.944 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-08 13:33:26.090 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-08 13:33:26.090 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-08 13:33:26.331 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-08 13:33:26.377 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106239
2026-01-08 13:33:27.126 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106239
2026-01-08 13:33:27.126 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106239
2026-01-08 13:33:27.127 [8039] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-08 13:33:27.127 [8039] info sirius.cpp::downloadUpdates checking for new updates
2026-01-08 13:33:27.182 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-08 13:33:27.261 [8039] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-08 13:33:27.261 [8039] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-08 13:33:27.261 [8039] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-08 13:33:27.267 [8039] info schedule_store.cpp::load Loaded nebula schedules
2026-01-08 13:33:27.306 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-08 13:33:27.373 [8039] info client.cpp::callSync []
2026-01-08 13:33:27.478 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-08 13:33:27.478 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-08 13:33:27.478 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-08 13:33:27.478 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-08 13:33:27.482 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da41fd8df4c7c7a8d35ee19556ae7743:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-08 13:33:27.640 [8039] info client.cpp::syncExclusions Updated exclusions: 8d6194e08a5fe45eaa7186e3dac466a9
2026-01-08 13:33:27.640 [8039] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-08 13:33:27.640 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 13:33:27.720 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 13:33:30.727 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "da41fd8df4c7c7a8d35ee19556ae7743:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-08 13:33:30.728 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 8d6194e08a5fe45eaa7186e3dac466a9
2026-01-08 13:33:30.728 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-08 13:33:30.729 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-08 13:33:30.729 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-08 15:19:39.241 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 15:19:39.344 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 16:19:57.345 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 16:19:57.430 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 17:24:27.283 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-08 17:24:27.397 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-08 17:24:27.397 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-08 17:24:27.397 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-08 17:24:27.397 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-08 17:24:27.397 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-08 17:24:28.403 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7c716ff7929c6cac8215ce5bc0c1c050:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-08 17:24:28.404 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-08 17:24:28.404 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-08 17:24:28.564 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1767911068
2026-01-08 17:24:28.565 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1767911068
2026-01-08 17:24:28.565 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-08 17:24:28.565 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-08 17:24:28.565 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-08 18:09:45.431 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 18:09:45.512 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 19:59:33.516 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 19:59:33.599 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 21:25:57.602 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 21:25:57.683 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-08 22:32:33.683 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-08 22:32:33.787 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 00:22:21.788 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 00:22:21.873 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 02:21:09.875 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 02:21:09.979 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 03:30:27.976 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 03:30:28.083 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 05:20:16.082 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 05:20:16.186 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 06:00:58.279 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-09 06:00:58.279 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-09 06:00:58.280 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-09 06:00:58.280 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-09 06:00:58.280 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-09 06:00:58.281 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-09 06:01:06.165 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-09 06:01:07.200 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-09 06:01:19.199 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 361485791232, \"freespace_total\": 361485791232, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 746062970880, \"freespace_total\": 746062970880, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9695895552, \"free_virtual\": 8581795840, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-09 06:01:19.331 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-09 06:44:52.187 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 06:44:52.272 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 08:31:04.274 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 08:31:04.385 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 09:34:04.387 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 09:34:04.485 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 10:57:46.486 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 10:57:46.568 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 12:48:29.575 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 12:48:29.656 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 13:33:31.745 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-09 13:33:33.664 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7c716ff7929c6cac8215ce5bc0c1c050:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-09 13:33:37.674 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7c716ff7929c6cac8215ce5bc0c1c050:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-09 13:33:38.094 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-09 13:33:38.095 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-09 13:33:38.095 [8037] info on_timer.cpp::update No agent updates available
2026-01-09 13:33:38.095 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-09 13:33:38.251 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-09 13:33:38.251 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-09 13:33:38.469 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-09 13:33:38.537 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106281
2026-01-09 13:33:39.300 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106281
2026-01-09 13:33:39.300 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106281
2026-01-09 13:33:39.410 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-09 13:33:39.547 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-09 13:33:39.548 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-09 13:33:39.681 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-09 13:33:39.682 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-09 14:24:47.661 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 14:24:47.746 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 15:30:29.749 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 15:30:29.832 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 17:17:35.835 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 17:17:35.938 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 19:11:53.940 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 19:11:54.022 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 21:11:37.029 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 21:11:37.131 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 22:17:36.176 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-09 22:17:36.281 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-09 22:17:36.281 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-09 22:17:36.281 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-09 22:17:36.281 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-09 22:17:36.281 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-09 22:17:37.289 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c377ffd0379126f68c41d9e33591cc19:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-09 22:17:37.289 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-09 22:17:37.289 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-09 22:17:37.392 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768015057
2026-01-09 22:17:37.392 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768015057
2026-01-09 22:17:37.392 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-09 22:17:37.393 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-09 22:17:37.393 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-09 22:17:54.433 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-09 22:17:54.561 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-09 22:17:54.561 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-09 22:17:54.561 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-09 22:17:54.561 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-09 22:17:55.569 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-09 22:17:55.569 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-09 22:17:55.659 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768015075
2026-01-09 22:17:55.659 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768015075
2026-01-09 22:17:55.659 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-09 22:17:55.659 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-09 22:17:55.659 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-09 22:22:43.133 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 22:22:43.221 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-09 23:50:01.228 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-09 23:50:01.330 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 01:01:58.451 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-10 01:07:21.662 [8039] info on_nebula.cpp::handle Scan complete, duration: 323
2026-01-10 01:07:21.678 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-10 01:07:21.679 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 01:07:21.782 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 02:17:33.783 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 02:17:33.898 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 03:47:33.899 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 03:47:34.010 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 05:04:58.019 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 05:04:58.116 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 06:00:59.270 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-10 06:00:59.270 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-10 06:00:59.270 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-10 06:00:59.270 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-10 06:00:59.271 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-10 06:00:59.271 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-10 06:01:08.753 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-10 06:01:08.798 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-10 06:01:20.321 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 359310905344, \"freespace_total\": 359310905344, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 745320910848, \"freespace_total\": 745320910848, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8051441664, \"free_virtual\": 8582844416, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-10 06:01:20.426 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-10 06:19:40.117 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 06:19:40.200 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 07:22:41.216 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 07:22:41.299 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 09:17:00.310 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 09:17:00.427 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 11:14:00.592 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 11:14:00.673 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 11:50:57.755 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-10 11:50:57.857 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-10 11:50:57.857 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-10 11:50:57.857 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-10 11:50:57.857 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-10 11:50:57.858 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-10 11:50:59.158 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ac3311c2fe90a52ba07a1d18bd0c85c2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-10 11:50:59.159 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-10 11:50:59.159 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-10 11:50:59.310 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768063859
2026-01-10 11:50:59.310 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768063859
2026-01-10 11:50:59.310 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-10 11:50:59.314 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-10 11:50:59.314 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-10 12:37:42.674 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 12:37:42.755 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 13:33:44.392 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-10 13:33:46.804 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ac3311c2fe90a52ba07a1d18bd0c85c2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-10 13:33:50.706 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-10 13:33:50.706 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-10 13:33:50.706 [8037] info on_timer.cpp::update No agent updates available
2026-01-10 13:33:50.706 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-10 13:33:50.816 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ac3311c2fe90a52ba07a1d18bd0c85c2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-10 13:33:50.841 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-10 13:33:50.841 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-10 13:33:51.102 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-10 13:33:51.171 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106319
2026-01-10 13:33:51.892 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106319
2026-01-10 13:33:51.892 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106319
2026-01-10 13:33:52.012 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-10 13:33:52.137 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-10 13:33:52.138 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-10 13:33:52.271 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-10 13:33:52.272 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-10 13:38:44.986 [8039] info client.cpp::registerRefresh nebula client refresh success
2026-01-10 13:38:44.986 [8039] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-01-10 13:38:45.009 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 13:38:45.095 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 15:03:21.097 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 15:03:21.179 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 15:41:47.837 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-10 15:41:47.961 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-10 15:41:47.961 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-10 15:41:47.961 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-10 15:41:47.961 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-10 15:41:47.961 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-10 15:41:48.970 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3fcae29f4146cd209e61f1cc8c0926ff:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-10 15:41:48.970 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-10 15:41:48.970 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-10 15:41:49.114 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768077708
2026-01-10 15:41:49.114 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768077708
2026-01-10 15:41:49.114 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-10 15:41:49.114 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-10 15:41:49.115 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-10 16:14:27.181 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 16:14:27.286 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 17:56:09.287 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 17:56:09.378 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 19:50:28.388 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 19:50:28.473 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 21:24:04.656 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 21:24:04.740 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-10 23:21:04.743 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-10 23:21:04.826 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 01:02:00.851 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-11 01:07:38.167 [8039] info on_nebula.cpp::handle Scan complete, duration: 338
2026-01-11 01:07:38.169 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-11 01:07:38.170 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 01:07:38.292 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 02:23:14.477 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 02:23:14.587 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 03:25:20.591 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 03:25:20.714 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 05:13:20.714 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 05:13:20.802 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 07:13:02.803 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 07:13:02.886 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 08:14:15.055 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 08:14:15.136 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 09:28:03.138 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 09:28:03.222 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 11:24:09.555 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 11:24:09.639 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 13:07:39.970 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 13:07:40.053 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 13:33:56.547 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-11 13:33:58.446 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3fcae29f4146cd209e61f1cc8c0926ff:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-11 13:34:00.927 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-11 13:34:00.927 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-11 13:34:00.927 [8037] info on_timer.cpp::update No agent updates available
2026-01-11 13:34:00.927 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-11 13:34:01.093 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-11 13:34:01.093 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-11 13:34:01.377 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-11 13:34:01.714 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106327
2026-01-11 13:34:02.708 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3fcae29f4146cd209e61f1cc8c0926ff:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-11 13:34:02.769 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106327
2026-01-11 13:34:02.769 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106327
2026-01-11 13:34:03.320 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-11 13:34:03.476 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-11 13:34:03.476 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-11 13:34:03.613 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-11 13:34:03.642 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-11 13:47:37.129 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-11 13:47:37.275 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-11 13:47:37.275 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-11 13:47:37.275 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-11 13:47:37.275 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-11 13:47:37.275 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-11 13:47:38.285 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7fc5e71bebeb435c156e19d5ce1ed1e0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-11 13:47:38.285 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-11 13:47:38.285 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-11 13:47:38.434 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768157258
2026-01-11 13:47:38.434 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768157258
2026-01-11 13:47:38.434 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-11 13:47:38.435 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-11 13:47:38.435 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-11 14:13:23.067 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 14:13:23.170 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 15:14:35.171 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 15:14:35.254 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 16:58:59.257 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 16:58:59.356 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 18:34:24.368 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 18:34:24.452 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 20:19:43.466 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 20:19:43.569 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 21:51:31.774 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 21:51:31.855 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-11 23:18:51.671 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-11 23:18:51.754 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 00:28:09.756 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 00:28:09.847 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 01:01:58.134 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-12 01:07:18.445 [8039] info on_nebula.cpp::handle Scan complete, duration: 320
2026-01-12 01:07:18.447 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-12 01:07:18.448 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 01:07:18.531 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 02:52:37.543 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 02:52:37.652 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 03:28:59.731 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-12 03:28:59.834 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-12 03:28:59.834 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-12 03:28:59.834 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-12 03:28:59.834 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-12 03:28:59.834 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-12 03:29:00.843 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "437e9312d0ca4ead4a584ca42ebdb08d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-12 03:29:00.844 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-12 03:29:00.844 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-12 03:29:00.934 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768206540
2026-01-12 03:29:00.934 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768206540
2026-01-12 03:29:00.934 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-12 03:29:00.935 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-12 03:29:00.935 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-12 04:25:19.826 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 04:25:19.909 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 05:30:07.910 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 05:30:08.237 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 06:01:00.293 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-12 06:01:00.293 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-12 06:01:00.293 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-12 06:01:00.293 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-12 06:01:00.294 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-12 06:01:00.294 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-12 06:01:11.840 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-12 06:01:12.854 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-12 06:01:20.268 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 369122955264, \"freespace_total\": 369122955264, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 743635800064, \"freespace_total\": 743635800064, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7512285184, \"free_virtual\": 8574640128, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-12 06:01:20.308 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-12 07:03:44.237 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 07:03:44.318 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 08:27:39.267 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-12 08:27:39.512 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-12 08:27:39.512 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-12 08:27:39.512 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-12 08:27:39.512 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-12 08:27:39.512 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-12 08:27:40.522 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "15ccc4fd6bd525838f5241a5591d00bc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-12 08:27:40.522 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-12 08:27:40.522 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-12 08:27:40.655 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768224460
2026-01-12 08:27:40.655 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768224460
2026-01-12 08:27:40.655 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-12 08:27:40.656 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-12 08:27:40.657 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-12 08:41:50.668 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 08:41:50.750 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 09:57:27.764 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 09:57:27.847 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 11:13:03.849 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 11:13:03.950 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 12:49:21.952 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 12:49:22.034 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 13:34:07.849 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-12 13:34:11.172 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "15ccc4fd6bd525838f5241a5591d00bc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-12 13:34:12.180 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-12 13:34:12.180 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-12 13:34:12.180 [8037] info on_timer.cpp::update No agent updates available
2026-01-12 13:34:12.180 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-12 13:34:12.316 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-12 13:34:12.316 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-12 13:34:12.537 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-12 13:34:12.609 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106365
2026-01-12 13:34:13.747 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106365
2026-01-12 13:34:13.747 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106365
2026-01-12 13:34:13.795 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-12 13:34:14.115 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-12 13:34:14.115 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-12 13:34:14.256 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-12 13:34:14.269 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-12 13:34:19.201 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "15ccc4fd6bd525838f5241a5591d00bc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-12 14:04:04.035 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 14:04:04.117 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 15:24:10.119 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 15:24:10.209 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 17:13:58.212 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 17:13:58.333 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 18:59:16.335 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 18:59:16.416 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 20:08:34.417 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 20:08:34.498 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 21:42:11.509 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 21:42:11.600 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-12 22:58:42.610 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-12 22:58:42.692 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 00:57:30.694 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 00:57:30.795 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 01:01:59.144 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-13 01:07:46.206 [8039] info on_nebula.cpp::handle Scan complete, duration: 347
2026-01-13 01:07:46.208 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-13 01:07:46.209 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 01:07:46.349 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 02:09:52.351 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 02:09:52.434 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 03:11:04.436 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 03:11:04.519 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 05:08:04.521 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 05:08:04.612 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 05:34:53.861 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 05:34:54.292 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 05:34:54.293 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 05:34:54.293 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 05:34:54.293 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 05:34:54.293 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 05:34:55.560 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "f012219de44f1e48052c1f1f5498f2eb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 05:34:55.561 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 05:34:55.561 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 05:34:55.651 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768300495
2026-01-13 05:34:55.651 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768300495
2026-01-13 05:34:55.651 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 05:34:55.652 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 05:34:55.653 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 06:01:00.780 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-13 06:01:00.780 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-13 06:01:00.780 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-13 06:01:00.780 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 06:01:00.781 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-13 06:01:00.781 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-13 06:01:12.291 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-13 06:01:13.302 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-13 06:01:21.660 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 365683470336, \"freespace_total\": 365683470336, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 742965112832, \"freespace_total\": 742965112832, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7862669312, \"free_virtual\": 8567648256, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-13 06:01:21.694 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-13 06:01:21.695 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 06:01:21.834 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 06:35:19.991 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 06:35:20.114 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 06:35:20.114 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 06:35:20.114 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 06:35:20.114 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 06:35:20.114 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 06:35:20.130 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "2cfbea880f5719bb7d7b8468d617c661:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 06:35:20.131 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 06:35:20.131 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 06:35:20.284 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768304120
2026-01-13 06:35:20.284 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768304120
2026-01-13 06:35:20.284 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 06:35:20.285 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 06:35:20.285 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 07:35:51.836 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 07:35:51.918 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 08:44:15.919 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 08:44:16.001 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 09:47:10.177 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 09:47:10.306 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 09:47:10.306 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 09:47:10.306 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 09:47:10.306 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 09:47:10.306 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 09:47:12.635 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c506ee294be1301b5c8d3f5c0eb005ec:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:67", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 09:47:12.635 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 09:47:12.635 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 09:47:12.771 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768315632
2026-01-13 09:47:12.771 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768315632
2026-01-13 09:47:12.771 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 09:47:12.772 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 09:47:12.772 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 09:58:58.213 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 09:58:58.338 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 11:51:28.339 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 11:51:28.420 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 12:21:43.536 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 12:21:43.640 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 12:21:43.640 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 12:21:43.640 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 12:21:43.640 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 12:21:43.640 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 12:21:44.651 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "487bd26d9ca256118c8d0ee48a5a2fcd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 12:21:44.651 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 12:21:44.651 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 12:21:44.781 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768324904
2026-01-13 12:21:44.782 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768324904
2026-01-13 12:21:44.782 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 12:21:44.782 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 12:21:44.782 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 12:59:52.422 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 12:59:52.523 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 13:34:18.464 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-13 13:34:20.575 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "487bd26d9ca256118c8d0ee48a5a2fcd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 13:34:24.816 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-13 13:34:24.816 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-13 13:34:24.816 [8037] info on_timer.cpp::update No agent updates available
2026-01-13 13:34:24.816 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-13 13:34:24.958 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-13 13:34:24.958 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-13 13:34:25.227 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-13 13:34:25.299 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106393
2026-01-13 13:34:26.439 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106393
2026-01-13 13:34:26.439 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106393
2026-01-13 13:34:26.691 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-13 13:34:26.819 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-13 13:34:26.820 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-13 13:34:26.976 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-13 13:34:26.978 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-13 13:34:28.604 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "487bd26d9ca256118c8d0ee48a5a2fcd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 13:59:48.929 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 13:59:49.053 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 13:59:49.053 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 13:59:49.053 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 13:59:49.053 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 13:59:49.053 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 13:59:50.422 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "00af9cd3dbbd072e1eb8fb165d55dcde:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 13:59:50.423 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 13:59:50.423 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 13:59:50.602 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768330790
2026-01-13 13:59:50.602 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768330790
2026-01-13 13:59:50.602 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 13:59:50.603 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 13:59:50.603 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 14:11:52.524 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 14:11:52.608 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 15:12:10.609 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 15:12:10.689 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 16:46:40.690 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 16:46:40.774 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 18:17:17.902 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 18:17:18.031 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 18:17:18.031 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 18:17:18.031 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 18:17:18.031 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 18:17:18.031 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 18:17:19.041 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "fbce7e0617b050d9f9a0e344107bfa71:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 18:17:19.042 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 18:17:19.042 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 18:17:19.197 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768346239
2026-01-13 18:17:19.197 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768346239
2026-01-13 18:17:19.197 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 18:17:19.198 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 18:17:19.198 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 18:23:52.771 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 18:23:52.896 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 19:55:40.892 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 19:55:40.975 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 21:27:28.976 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 21:27:29.061 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-13 21:40:56.323 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 21:40:56.449 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 21:40:56.449 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 21:40:56.449 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 21:40:56.449 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 21:40:56.449 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 21:40:57.515 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "432e491ae6884475f01d65d9418b0d76:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 21:40:57.516 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 21:40:57.516 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 21:40:57.665 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768358457
2026-01-13 21:40:57.665 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768358457
2026-01-13 21:40:57.665 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 21:40:57.666 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 21:40:57.666 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 22:43:00.375 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-13 22:43:00.496 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-13 22:43:00.496 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-13 22:43:00.496 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-13 22:43:00.496 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-13 22:43:00.496 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-13 22:43:02.552 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1e13975c87f66f0ffd97b6a3e0581711:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-13 22:43:02.552 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-13 22:43:02.552 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-13 22:43:02.710 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768362182
2026-01-13 22:43:02.710 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768362182
2026-01-13 22:43:02.710 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-13 22:43:02.711 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-13 22:43:02.711 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-13 23:12:47.062 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-13 23:12:47.144 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 00:57:11.146 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 00:57:11.251 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 02:15:29.252 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 02:15:29.357 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 03:50:24.964 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-14 03:50:25.063 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-14 03:50:25.063 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-14 03:50:25.063 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-14 03:50:25.063 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-14 03:50:25.063 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-14 03:50:26.073 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c21275d693dfff619b504314b69f19ef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-14 03:50:26.074 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-14 03:50:26.074 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-14 03:50:26.226 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768380626
2026-01-14 03:50:26.226 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768380626
2026-01-14 03:50:26.226 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-14 03:50:26.227 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-14 03:50:26.227 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-14 04:00:47.358 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 04:00:47.466 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 05:15:29.467 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 05:15:29.549 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 06:40:05.553 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 06:40:05.638 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 07:48:30.654 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 07:48:30.758 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 09:13:07.770 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 09:13:07.856 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 10:25:07.858 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 10:25:07.976 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 12:22:07.977 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 12:22:08.059 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 13:34:31.932 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-14 13:34:34.256 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-14 13:34:34.257 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-14 13:34:34.257 [8037] info on_timer.cpp::update No agent updates available
2026-01-14 13:34:34.257 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-14 13:34:34.395 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-14 13:34:34.395 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-14 13:34:34.622 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-14 13:34:34.691 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106437
2026-01-14 13:34:35.452 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106437
2026-01-14 13:34:35.452 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106437
2026-01-14 13:34:35.576 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-14 13:34:35.716 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-14 13:34:35.716 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-14 13:34:35.876 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-14 13:34:35.877 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-14 13:37:44.061 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 13:37:44.148 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 15:16:44.147 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 15:16:44.248 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 16:58:26.249 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 16:58:26.353 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 17:28:58.048 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-14 17:28:58.161 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-14 17:28:58.161 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-14 17:28:58.161 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-14 17:28:58.161 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-14 17:28:58.161 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-14 17:28:59.172 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "8043096bd73c5a84dd1ae241a185c611:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-14 17:28:59.173 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-14 17:28:59.173 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-14 17:28:59.318 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768429739
2026-01-14 17:28:59.318 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768429739
2026-01-14 17:28:59.318 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-14 17:28:59.318 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-14 17:28:59.319 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-14 18:22:08.537 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 18:22:08.635 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 19:41:20.636 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 19:41:20.722 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 20:44:21.740 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 20:44:21.845 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 21:07:39.677 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-14 21:07:39.814 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-14 21:07:39.814 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-14 21:07:39.814 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-14 21:07:39.814 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-14 21:07:39.814 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-14 21:07:40.828 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "62ead73c2b46c974a21bc5f7c206f65f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-14 21:07:40.829 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-14 21:07:40.829 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-14 21:07:40.919 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768442860
2026-01-14 21:07:40.919 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768442860
2026-01-14 21:07:40.919 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-14 21:07:40.920 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-14 21:07:40.920 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-14 21:50:03.846 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 21:50:03.930 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-14 22:34:24.991 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-14 22:34:25.091 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-14 22:34:25.091 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-14 22:34:25.091 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-14 22:34:25.091 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-14 22:34:25.091 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-14 22:34:26.102 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3036ffdde1cf678a2fd01cfd340a7b1a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-14 22:34:26.102 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-14 22:34:26.102 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-14 22:34:26.231 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768448066
2026-01-14 22:34:26.231 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768448066
2026-01-14 22:34:26.231 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-14 22:34:26.231 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-14 22:34:26.231 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-14 23:00:15.931 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-14 23:00:16.031 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 00:02:22.035 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 00:02:22.137 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 01:01:58.178 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-15 01:08:24.189 [8039] info on_nebula.cpp::handle Scan complete, duration: 386
2026-01-15 01:08:24.191 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-15 01:08:24.192 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 01:08:24.337 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 02:38:24.340 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 02:38:24.434 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 04:01:12.436 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 04:01:12.518 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 04:54:10.353 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-15 04:54:10.456 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-15 04:54:10.456 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-15 04:54:10.456 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-15 04:54:10.456 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-15 04:54:10.457 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-15 04:54:11.468 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "567061efda2bbdb56b7f83ee8bcfe2af:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-15 04:54:11.468 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-15 04:54:11.468 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-15 04:54:11.645 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768470851
2026-01-15 04:54:11.645 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768470851
2026-01-15 04:54:11.645 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-15 04:54:11.646 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-15 04:54:11.646 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-15 05:27:36.519 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 05:27:36.619 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 06:00:58.636 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-15 06:00:58.636 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-15 06:00:58.636 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-15 06:00:58.636 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-15 06:00:58.637 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-15 06:00:58.638 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-15 06:01:07.146 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-15 06:01:08.172 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-15 06:01:15.609 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 360194371584, \"freespace_total\": 360194371584, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 741275418624, \"freespace_total\": 741275418624, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9357733888, \"free_virtual\": 8565379072, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-15 06:01:15.639 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-15 07:12:00.622 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 07:12:00.729 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 08:12:18.731 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 08:12:18.812 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 09:48:36.813 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 09:48:36.915 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 11:16:48.917 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 11:16:48.999 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 12:32:25.176 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 12:32:25.259 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 13:34:39.956 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-15 13:34:46.297 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-15 13:34:46.297 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-15 13:34:46.297 [8037] info on_timer.cpp::update No agent updates available
2026-01-15 13:34:46.297 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-15 13:34:46.437 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-15 13:34:46.437 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-15 13:34:46.672 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-15 13:34:46.744 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106457
2026-01-15 13:34:47.486 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106457
2026-01-15 13:34:47.486 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106457
2026-01-15 13:34:47.590 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-15 13:34:47.755 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-15 13:34:47.756 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-15 13:34:47.892 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-15 13:34:47.893 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-15 14:19:31.261 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 14:19:31.343 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 16:20:07.344 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 16:20:07.432 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 17:20:25.433 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 17:20:25.516 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 18:26:07.517 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 18:26:07.605 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 19:51:37.605 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 19:51:37.696 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 21:39:37.697 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 21:39:37.778 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-15 21:50:37.645 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-15 21:50:37.746 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-15 21:50:37.746 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-15 21:50:37.746 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-15 21:50:37.746 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-15 21:50:37.746 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-15 21:50:39.223 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "187f4014b2ae9b6e261573ee703ab935:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-15 21:50:39.223 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-15 21:50:39.223 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-15 21:50:39.373 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768531839
2026-01-15 21:50:39.373 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768531839
2026-01-15 21:50:39.373 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-15 21:50:39.374 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-15 21:50:39.471 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-15 23:20:25.779 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-15 23:20:25.861 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 01:01:58.012 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-16 01:08:35.876 [8039] info on_nebula.cpp::handle Scan complete, duration: 397
2026-01-16 01:08:35.880 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-16 01:08:35.881 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 01:08:36.028 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 03:04:59.475 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-16 03:04:59.610 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-16 03:04:59.610 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-16 03:04:59.610 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-16 03:04:59.610 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-16 03:04:59.610 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-16 03:05:00.621 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "618ec9f745ccd3f017887fee89619a03:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-16 03:05:00.621 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-16 03:05:00.621 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-16 03:05:00.759 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768550700
2026-01-16 03:05:00.759 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768550700
2026-01-16 03:05:00.759 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-16 03:05:00.759 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-16 03:05:00.759 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-16 03:05:36.886 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 03:05:36.967 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 03:24:33.616 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-16 03:24:33.745 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-16 03:24:33.745 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-16 03:24:33.745 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-16 03:24:33.745 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-16 03:24:33.745 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-16 03:24:34.756 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7e263691aa19aed6de3e448cc99e0834:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-16 03:24:34.756 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-16 03:24:34.756 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-16 03:24:34.923 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768551874
2026-01-16 03:24:34.923 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768551874
2026-01-16 03:24:34.923 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-16 03:24:34.924 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-16 03:24:34.924 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-16 03:40:00.167 [8039] info client.cpp::callSync []
2026-01-16 03:40:01.265 [8039] info client.cpp::syncExclusions Updated exclusions: ab78335b668adce5e814e21c6dbd02f5
2026-01-16 03:40:01.265 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: ab78335b668adce5e814e21c6dbd02f5
2026-01-16 03:40:01.265 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-16 03:40:01.266 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-16 03:40:01.266 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-16 03:40:01.268 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 03:40:01.349 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 05:24:25.351 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 05:24:25.435 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 06:30:07.437 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 06:30:07.520 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 08:15:26.530 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 08:15:26.611 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 09:36:26.612 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 09:36:26.696 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 10:45:44.697 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 10:45:44.779 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 12:32:50.781 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 12:32:50.885 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 13:34:52.650 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-16 13:34:58.072 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-16 13:34:58.073 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-16 13:34:58.073 [8037] info on_timer.cpp::update No agent updates available
2026-01-16 13:34:58.073 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-16 13:34:58.210 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-16 13:34:58.210 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-16 13:34:58.460 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-16 13:34:58.549 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106491
2026-01-16 13:34:59.306 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106491
2026-01-16 13:34:59.306 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106491
2026-01-16 13:34:59.426 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-16 13:34:59.582 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-16 13:34:59.582 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-16 13:34:59.718 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-16 13:34:59.719 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-16 14:32:32.886 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 14:32:32.970 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 16:33:08.971 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 16:33:09.053 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 17:55:58.068 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 17:55:58.151 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 19:10:41.163 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 19:10:41.248 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 20:16:24.264 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 20:16:24.349 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 21:49:07.365 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 21:49:07.448 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-16 23:49:43.448 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-16 23:49:43.549 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 01:01:59.612 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-17 01:09:08.545 [8039] info on_nebula.cpp::handle Scan complete, duration: 429
2026-01-17 01:09:08.546 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-17 01:09:08.547 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 01:09:08.690 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 02:57:09.702 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 02:57:09.788 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 04:09:09.805 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 04:09:09.888 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 05:50:51.890 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 05:50:51.977 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 06:00:58.022 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-17 06:00:58.022 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-17 06:00:58.023 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-17 06:00:58.023 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-17 06:00:58.024 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-17 06:00:58.024 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-17 06:01:06.161 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-17 06:01:07.173 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-17 06:01:14.671 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 358379556864, \"freespace_total\": 358379556864, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 739481731072, \"freespace_total\": 739481731072, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11367866368, \"free_virtual\": 8437886976, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-17 06:01:14.701 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-17 07:44:15.979 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 07:44:16.087 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 09:34:04.089 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 09:34:04.189 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 11:01:22.191 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 11:01:22.301 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 12:24:10.302 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 12:24:10.384 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 13:26:16.386 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 13:26:16.469 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 13:35:04.541 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-17 13:35:06.631 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7e263691aa19aed6de3e448cc99e0834:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-17 13:35:10.972 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-17 13:35:10.973 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-17 13:35:10.973 [8037] info on_timer.cpp::update No agent updates available
2026-01-17 13:35:10.973 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-17 13:35:11.134 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-17 13:35:11.134 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-17 13:35:11.388 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-17 13:35:11.472 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106531
2026-01-17 13:35:12.218 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106531
2026-01-17 13:35:12.218 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106531
2026-01-17 13:35:12.332 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-17 13:35:12.478 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-17 13:35:12.478 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-17 13:35:12.636 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-17 13:35:12.637 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-17 13:35:20.480 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7e263691aa19aed6de3e448cc99e0834:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-17 14:41:52.470 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 14:41:52.575 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 16:16:22.576 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 16:16:22.679 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 17:58:04.680 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 17:58:04.764 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 19:22:40.765 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 19:22:40.848 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 21:22:22.851 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 21:22:22.932 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-17 22:38:52.928 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-17 22:38:53.010 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 00:37:41.016 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 00:37:41.129 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 01:52:23.131 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 01:52:23.213 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 03:17:53.214 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 03:17:53.296 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 04:27:11.501 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 04:27:11.583 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 06:00:59.632 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-18 06:00:59.632 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-18 06:00:59.632 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-18 06:00:59.632 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-18 06:00:59.633 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-18 06:00:59.633 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-18 06:01:07.781 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-18 06:01:08.793 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-18 06:01:16.180 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 356599365632, \"freespace_total\": 356599365632, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 738468438016, \"freespace_total\": 738468438016, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9287819264, \"free_virtual\": 8447062016, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-18 06:01:16.217 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-18 06:07:59.585 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 06:07:59.669 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 07:15:29.670 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 07:15:29.772 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 08:51:47.772 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 08:51:47.853 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 10:19:59.855 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 10:19:59.937 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 11:42:47.939 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 11:42:48.023 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 13:23:37.037 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 13:23:37.123 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 13:35:16.952 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-18 13:35:23.263 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-18 13:35:23.263 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-18 13:35:23.263 [8037] info on_timer.cpp::update No agent updates available
2026-01-18 13:35:23.263 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-18 13:35:23.431 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-18 13:35:23.431 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-18 13:35:23.676 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-18 13:35:23.768 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106537
2026-01-18 13:35:24.528 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106537
2026-01-18 13:35:24.528 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106537
2026-01-18 13:35:24.638 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-18 13:35:24.764 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-18 13:35:24.764 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-18 13:35:24.902 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-18 13:35:24.903 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-18 14:40:07.125 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 14:40:07.207 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 16:01:07.208 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 16:01:07.291 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 17:46:25.293 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 17:46:25.381 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 19:30:49.384 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 19:30:49.465 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 20:45:31.467 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 20:45:31.550 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 22:21:49.552 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 22:21:49.654 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-18 23:57:13.656 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-18 23:57:13.760 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 01:01:59.989 [8039] info on_nebula.cpp::handle Performing threat scan
2026-01-19 01:11:55.705 [8039] info on_nebula.cpp::handle Scan complete, duration: 596
2026-01-19 01:11:55.707 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-19 01:11:55.708 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 01:11:55.832 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 02:20:01.460 [8039] info client.cpp::sync Command received : event.policy.refresh
2026-01-19 02:20:01.572 [8039] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-19 02:20:01.572 [8039] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-19 02:20:01.572 [8039] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-19 02:20:01.572 [8039] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-19 02:20:01.573 [8039] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-19 02:20:01.588 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "444e66f0de50426e0dbe5701a3dc2353:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-19 02:20:01.589 [8039] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-19 02:20:01.589 [8039] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-19 02:20:01.726 [8039] info client.cpp::syncExclusions Updated exclusions: nebula-1768807201
2026-01-19 02:20:01.726 [8039] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768807201
2026-01-19 02:20:01.726 [8039] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-19 02:20:01.727 [8039] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-19 02:20:01.727 [8039] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-19 02:39:13.833 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 02:39:13.917 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 04:38:55.919 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 04:38:56.000 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 04:56:39.314 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 04:56:42.555 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 05:01:10.743 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 05:01:12.002 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 06:01:00.104 [8039] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-19 06:01:00.104 [8039] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-19 06:01:00.104 [8039] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-19 06:01:00.104 [8039] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-19 06:01:00.110 [8039] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-19 06:01:00.111 [8039] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-19 06:01:11.638 [8039] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-19 06:01:12.652 [8039] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-19 06:01:24.301 [8039] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 349980200960, \"freespace_total\": 349980200960, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 737133793280, \"freespace_total\": 737133793280, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5212491776, \"free_virtual\": 8439459840, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-19 06:01:24.333 [8039] info schedule_store.cpp::save Saved nebula schedules
2026-01-19 06:15:55.024 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 06:15:55.105 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 07:22:31.106 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 07:22:31.188 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 09:17:44.200 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 09:17:44.282 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 10:31:32.283 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 10:31:32.367 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 12:24:02.369 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 12:24:02.453 [8039] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 13:35:29.411 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-19 13:35:32.540 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "444e66f0de50426e0dbe5701a3dc2353:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-19 13:35:35.044 [8037] info sirius.cpp::downloadUpdates No available packages to update
2026-01-19 13:35:35.045 [8037] info update.cpp::launchAgentUpdate No agent updates available
2026-01-19 13:35:35.045 [8037] info on_timer.cpp::update No agent updates available
2026-01-19 13:35:35.045 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-19 13:35:35.184 [8037] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-19 13:35:35.184 [8037] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-19 13:35:35.456 [8037] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-19 13:35:35.767 [8037] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106559
2026-01-19 13:35:36.859 [8037] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106559
2026-01-19 13:35:36.859 [8037] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106559
2026-01-19 13:35:37.312 [8037] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-19 13:35:37.454 [8037] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-19 13:35:37.454 [8037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-19 13:35:37.595 [8037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-19 13:35:37.596 [8037] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-19 13:35:39.573 [8039] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "444e66f0de50426e0dbe5701a3dc2353:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-19 13:48:38.455 [8039] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 18:38:18.627 [6376] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-19 18:38:18.631 [6376] info mbdaemon.cpp::main logLevel is info
2026-01-19 18:38:18.631 [6376] info mbdaemon.cpp::main syslogLevel is warn
2026-01-19 18:38:18.631 [6376] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-19 18:38:18.631 [6376] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-19 18:38:18.788 [6376] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-19 18:38:18.860 [6376] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-19 18:38:19.115 [6376] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-19 18:38:19.115 [8147] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-19 18:38:19.115 [8151] info communicator.cpp::processor processing starting
2026-01-19 18:38:19.115 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-19 18:38:22.426 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-19 18:38:22.426 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-19 18:38:22.426 [8148] info on_timer.cpp::update No agent updates available
2026-01-19 18:38:22.426 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-19 18:38:22.429 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-19 18:38:22.430 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-19 18:38:22.430 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-19 18:38:22.430 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-19 18:38:22.562 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-19 18:38:22.562 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-19 18:38:22.811 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-19 18:38:22.879 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106561
2026-01-19 18:38:23.630 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106561
2026-01-19 18:38:23.630 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106561
2026-01-19 18:38:23.630 [8150] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-19 18:38:23.630 [8150] info sirius.cpp::downloadUpdates checking for new updates
2026-01-19 18:38:23.720 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-19 18:38:23.764 [8150] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-19 18:38:23.764 [8150] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-19 18:38:23.765 [8150] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-19 18:38:23.768 [8150] info schedule_store.cpp::load Loaded nebula schedules
2026-01-19 18:38:23.846 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-19 18:38:23.870 [8150] info client.cpp::callSync []
2026-01-19 18:38:23.969 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-19 18:38:23.969 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-19 18:38:23.969 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-19 18:38:23.969 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-19 18:38:24.972 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "287c2bf6fbf4f960cb86009df2dc0a13:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-19 18:38:25.057 [8150] info client.cpp::syncExclusions Updated exclusions: fa25afdd0e9df24dfb69b409d6107142
2026-01-19 18:38:25.057 [8150] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-19 18:38:25.057 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 18:38:25.140 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 18:38:29.146 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "287c2bf6fbf4f960cb86009df2dc0a13:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-19 18:38:29.147 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: fa25afdd0e9df24dfb69b409d6107142
2026-01-19 18:38:29.147 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-19 18:38:29.148 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-19 18:38:29.148 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-19 19:50:25.084 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 19:50:25.167 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 21:38:25.169 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 21:38:25.251 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-19 22:47:44.253 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-19 22:47:44.336 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 00:04:14.337 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 00:04:14.446 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 01:01:59.474 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-20 01:11:44.110 [8150] info on_nebula.cpp::handle Scan complete, duration: 585
2026-01-20 01:11:44.111 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-20 01:11:44.113 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 01:11:44.255 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 03:06:56.256 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 03:06:56.339 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 04:25:14.340 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 04:25:14.422 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 05:39:56.424 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 05:39:56.511 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 06:00:58.555 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-20 06:00:58.555 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-20 06:00:58.555 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-20 06:00:58.555 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-20 06:00:58.555 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-20 06:00:58.555 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-20 06:01:10.001 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-20 06:01:11.008 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-20 06:01:19.375 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 365301100544, \"freespace_total\": 365301100544, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 736217378816, \"freespace_total\": 736217378816, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12540137472, \"free_virtual\": 8584155136, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-20 06:01:19.407 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-20 07:09:02.512 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 07:09:02.605 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 08:11:08.606 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 08:11:08.692 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 09:13:14.693 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 09:13:14.775 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 10:22:32.776 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 10:22:32.860 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 10:39:22.673 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-20 10:39:22.802 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-20 10:39:22.802 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-20 10:39:22.802 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-20 10:39:22.802 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-20 10:39:22.802 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-20 10:39:23.808 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "31da7f2ece64cf7c676964594e018600:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-20 10:39:23.809 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-20 10:39:23.809 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-20 10:39:23.950 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1768923563
2026-01-20 10:39:23.950 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768923563
2026-01-20 10:39:23.950 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-20 10:39:23.951 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-20 10:39:23.951 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-20 11:51:38.861 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 11:51:38.945 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 13:28:50.943 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 13:28:51.044 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 14:33:39.043 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 14:33:39.126 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 15:51:57.249 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 15:51:57.352 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 16:09:04.891 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-20 16:09:05.019 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-20 16:09:05.019 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-20 16:09:05.019 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-20 16:09:05.019 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-20 16:09:05.019 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-20 16:09:06.025 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "37ee6440eec3e15b0d6ac0a12088bc38:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-20 16:09:06.026 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-20 16:09:06.026 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-20 16:09:06.126 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1768943346
2026-01-20 16:09:06.126 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768943346
2026-01-20 16:09:06.126 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-20 16:09:06.127 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-20 16:09:06.127 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-20 17:12:57.352 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 17:12:57.455 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 18:31:16.462 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 18:31:16.544 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 18:36:13.538 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-20 18:36:13.659 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-20 18:36:13.659 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-20 18:36:13.659 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-20 18:36:13.659 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-20 18:36:13.659 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-20 18:36:14.736 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e1d740f95971e70568c415b55ea3624a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-20 18:36:14.736 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-20 18:36:14.736 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-20 18:36:14.888 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1768952174
2026-01-20 18:36:14.888 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768952174
2026-01-20 18:36:14.888 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-20 18:36:14.889 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-20 18:36:14.889 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-20 18:38:28.413 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-20 18:38:32.552 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e1d740f95971e70568c415b55ea3624a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-20 18:38:33.748 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-20 18:38:33.748 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-20 18:38:33.749 [8148] info on_timer.cpp::update No agent updates available
2026-01-20 18:38:33.749 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-20 18:38:33.903 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-20 18:38:33.903 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-20 18:38:34.680 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-20 18:38:34.745 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106597
2026-01-20 18:38:35.525 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106597
2026-01-20 18:38:35.525 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106597
2026-01-20 18:38:35.620 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-20 18:38:35.751 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-20 18:38:35.751 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-20 18:38:35.891 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-20 18:38:35.893 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-20 18:38:40.572 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e1d740f95971e70568c415b55ea3624a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-20 20:25:34.553 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 20:25:34.636 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-20 22:20:46.641 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-20 22:20:46.739 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 00:15:04.742 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 00:15:04.824 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 01:32:29.832 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 01:32:29.914 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 02:08:26.997 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-21 02:08:27.106 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-21 02:08:27.106 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-21 02:08:27.106 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-21 02:08:27.106 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-21 02:08:27.106 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-21 02:08:29.429 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6d0a9fd434b3d996e0a86b721119fcd6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 02:08:29.430 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-21 02:08:29.430 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-21 02:08:29.579 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1768979309
2026-01-21 02:08:29.579 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1768979309
2026-01-21 02:08:29.579 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-21 02:08:29.580 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-21 02:08:29.580 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-21 02:13:35.151 [8150] info client.cpp::callSync []
2026-01-21 02:13:36.255 [8150] info client.cpp::syncExclusions Updated exclusions: 7298840ce7ee05ccafd60830f91ad3e1
2026-01-21 02:13:36.255 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 7298840ce7ee05ccafd60830f91ad3e1
2026-01-21 02:13:36.255 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-21 02:13:36.255 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-21 02:13:36.255 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-21 02:13:36.257 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 02:13:36.373 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 04:10:36.373 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 04:10:36.476 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 05:20:48.477 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 05:20:48.558 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 06:00:58.653 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-21 06:00:58.653 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-21 06:00:58.654 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-21 06:00:58.654 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-21 06:00:58.654 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-21 06:00:58.654 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-21 06:01:09.744 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-21 06:01:10.752 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-21 06:01:21.392 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364047613952, \"freespace_total\": 364047613952, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 735097286656, \"freespace_total\": 735097286656, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10038308864, \"free_virtual\": 8581795840, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-21 06:01:21.423 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-21 07:06:06.559 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 07:06:06.644 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 08:45:07.656 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 08:45:07.757 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 10:12:25.905 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 10:12:26.004 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 11:26:14.148 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 11:26:14.253 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 13:10:38.254 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 13:10:38.339 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 14:52:20.335 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 14:52:20.442 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 15:16:43.456 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-21 15:16:43.556 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-21 15:16:43.556 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-21 15:16:43.556 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-21 15:16:43.556 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-21 15:16:43.556 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-21 15:16:44.563 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d8581bca9ae5ce1ec52706f808e0490f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 15:16:44.564 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-21 15:16:44.564 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-21 15:16:44.712 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769026604
2026-01-21 15:16:44.712 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769026604
2026-01-21 15:16:44.712 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-21 15:16:44.713 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-21 15:16:44.713 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-21 15:45:31.030 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-21 15:45:31.136 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-21 15:45:31.136 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-21 15:45:31.136 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-21 15:45:31.136 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-21 15:45:31.136 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-21 15:45:32.143 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "0ef68334a77d75e3e08557cda3cf35c4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 15:45:32.143 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-21 15:45:32.143 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-21 15:45:32.275 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769028332
2026-01-21 15:45:32.275 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769028332
2026-01-21 15:45:32.275 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-21 15:45:32.276 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-21 15:45:32.276 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-21 16:10:38.441 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 16:10:38.523 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 17:35:14.524 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 17:35:14.624 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 18:38:40.340 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-21 18:38:42.701 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "0ef68334a77d75e3e08557cda3cf35c4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 18:38:46.694 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-21 18:38:46.694 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-21 18:38:46.694 [8148] info on_timer.cpp::update No agent updates available
2026-01-21 18:38:46.694 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-21 18:38:46.832 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-21 18:38:46.832 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-21 18:38:47.153 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-21 18:38:47.228 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106631
2026-01-21 18:38:48.008 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106631
2026-01-21 18:38:48.008 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106631
2026-01-21 18:38:48.113 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-21 18:38:48.277 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-21 18:38:48.278 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-21 18:38:48.364 [8148] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.edr
2026-01-21 18:38:48.545 [8148] info sirius.cpp::download updated epa.linux.plugin.edr to version 1.0.112
2026-01-21 18:38:48.545 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-21 18:38:49.292 [7141] info sirius.cpp::unpack Extracting epa.linux.plugin.edr to /usr/share/mblinux/plugins/epa.linux.plugin.edr/
2026-01-21 18:38:50.295 [7141] info sirius.cpp::unpack Unpacked epa.linux.plugin.edr 1.0.112
2026-01-21 18:38:50.297 [7141] info sirius.cpp::installDownloaded installed epa.linux.plugin.edr 1.0.112
2026-01-21 18:38:50.722 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": ""}], "policy_etag": "0ef68334a77d75e3e08557cda3cf35c4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 18:38:58.743 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": ""}], "policy_etag": "0ef68334a77d75e3e08557cda3cf35c4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 18:41:50.630 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 18:41:50.715 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 18:57:47.439 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-21 18:57:47.561 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-21 18:57:47.561 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-21 18:57:47.561 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-21 18:57:47.561 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-21 18:57:47.561 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-21 18:57:48.569 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": ""}], "policy_etag": "e8047790c9c201c7fec27f1a51415194:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-21 18:57:48.569 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-21 18:57:48.569 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-21 18:57:48.711 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769039868
2026-01-21 18:57:48.711 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769039868
2026-01-21 18:57:48.711 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-21 18:57:48.712 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-21 18:57:48.712 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-21 20:42:26.719 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 20:42:26.800 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 22:00:44.605 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 22:00:44.707 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-21 23:45:08.907 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-21 23:45:08.992 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 01:01:59.044 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-22 01:11:23.750 [8150] info on_nebula.cpp::handle Scan complete, duration: 564
2026-01-22 01:11:23.751 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-22 01:11:23.753 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 01:11:23.867 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 02:29:41.869 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 02:29:41.985 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 04:02:23.987 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 04:02:24.088 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 05:59:24.256 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 05:59:24.362 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 06:00:58.490 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-22 06:00:58.490 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-22 06:00:58.490 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-22 06:00:58.490 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-22 06:00:58.491 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-22 06:00:58.491 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-22 06:01:06.973 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-22 06:01:07.983 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-22 06:01:16.454 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 365503606784, \"freespace_total\": 365503606784, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 733923987456, \"freespace_total\": 733923987456, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8918061056, \"free_virtual\": 8581009408, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-22 06:01:16.487 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-22 06:17:20.344 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-22 06:17:20.477 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-22 06:17:20.477 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-22 06:17:20.477 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-22 06:17:20.477 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-22 06:17:20.477 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-22 06:17:21.142 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": ""}], "policy_etag": "27e6d2beb0ae579de8ce79880dc865fe:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-22 06:17:21.142 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-22 06:17:21.142 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-22 06:17:21.321 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769080641
2026-01-22 06:17:21.321 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769080641
2026-01-22 06:17:21.321 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-22 06:17:21.322 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-22 06:17:21.322 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-22 07:34:48.896 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 07:34:48.986 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 08:53:06.987 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 08:53:07.072 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 10:32:07.073 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 10:32:07.156 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 12:31:49.159 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 12:31:49.243 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 14:27:55.244 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 14:27:55.326 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 16:23:07.326 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 16:23:07.408 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 17:26:07.409 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 17:26:07.493 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 18:38:53.350 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-22 18:38:59.619 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-22 18:38:59.620 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-22 18:38:59.620 [8148] info on_timer.cpp::update No agent updates available
2026-01-22 18:38:59.620 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-22 18:38:59.656 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": ""}], "policy_etag": "27e6d2beb0ae579de8ce79880dc865fe:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-22 18:38:59.784 [8148] info sirius.cpp::downloadUpdates updating package: mblinux.db.rules
2026-01-22 18:38:59.898 [8148] info sirius.cpp::download updated mblinux.db.rules to version 2.0.202512051355
2026-01-22 18:38:59.898 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-22 18:39:00.251 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106657
2026-01-22 18:39:01.015 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106657
2026-01-22 18:39:01.015 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106657
2026-01-22 18:39:01.043 [8148] info sirius.cpp::installDownloaded installed mblinux.db.rules 2.0.202512051355
2026-01-22 18:39:01.105 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-22 18:39:01.308 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-22 18:39:01.309 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-22 18:39:01.445 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-22 18:39:01.446 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-22 18:39:05.503 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "27e6d2beb0ae579de8ce79880dc865fe:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-22 19:12:19.495 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 19:12:19.598 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 20:55:49.600 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 20:55:49.700 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 22:28:31.707 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 22:28:31.791 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-22 23:30:37.792 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-22 23:30:37.873 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 00:55:13.874 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 00:55:13.959 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 01:02:00.037 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-23 01:36:27.737 [8150] info on_nebula.cpp::handle Scan complete, duration: 2067
2026-01-23 01:36:27.845 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-23 01:36:27.846 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 01:36:27.944 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 02:50:47.885 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-23 02:50:47.999 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-23 02:50:47.999 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-23 02:50:47.999 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-23 02:50:47.999 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-23 02:50:47.999 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-23 02:50:49.011 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "59e48105f3a21e8739f717bd783450f0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-23 02:50:49.011 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-23 02:50:49.011 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-23 02:50:49.315 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769154649
2026-01-23 02:50:49.316 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769154649
2026-01-23 02:50:49.316 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-23 02:50:49.317 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-23 02:50:49.317 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-23 02:57:27.945 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 02:57:28.035 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 04:48:10.035 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 04:48:10.119 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 06:00:59.278 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-23 06:00:59.279 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-23 06:00:59.279 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-23 06:00:59.279 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-23 06:00:59.279 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-23 06:00:59.279 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-23 06:01:08.392 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-23 06:01:09.407 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-23 06:01:24.462 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 357959479296, \"freespace_total\": 357959479296, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 732334362624, \"freespace_total\": 732334362624, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10363662336, \"free_virtual\": 8390963200, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-23 06:01:24.500 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-23 06:01:24.538 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 06:01:24.620 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 07:43:06.621 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 07:43:06.708 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 09:14:54.709 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 09:14:54.810 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 10:59:18.811 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 10:59:18.897 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 12:32:54.898 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 12:32:55.001 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 13:38:45.327 [8150] info client.cpp::registerRefresh nebula client refresh success
2026-01-23 13:38:45.374 [8150] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-01-23 13:38:45.378 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 13:38:45.462 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 14:40:51.464 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 14:40:51.579 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 16:05:27.580 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 16:05:27.674 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 17:58:34.788 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-23 17:58:34.945 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-23 17:58:34.945 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-23 17:58:34.945 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-23 17:58:34.945 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-23 17:58:34.945 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-23 17:58:35.955 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1452d7bacc68ea3bffabe2aba26416f9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-23 17:58:35.955 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-23 17:58:35.955 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-23 17:58:36.108 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769209115
2026-01-23 17:58:36.108 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769209115
2026-01-23 17:58:36.108 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-23 17:58:36.109 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-23 17:58:36.109 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-23 18:00:39.859 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 18:00:39.943 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 18:39:06.206 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-23 18:39:11.079 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1452d7bacc68ea3bffabe2aba26416f9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-23 18:39:14.910 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-23 18:39:14.910 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-23 18:39:14.910 [8148] info on_timer.cpp::update No agent updates available
2026-01-23 18:39:14.910 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-23 18:39:15.068 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-23 18:39:15.068 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-23 18:39:16.181 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-23 18:39:16.520 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106685
2026-01-23 18:39:17.792 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106685
2026-01-23 18:39:17.792 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106685
2026-01-23 18:39:18.532 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-23 18:39:18.882 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-23 18:39:18.882 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-23 18:39:19.040 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-23 18:39:19.041 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-23 18:39:19.103 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1452d7bacc68ea3bffabe2aba26416f9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-23 19:05:27.944 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 19:05:28.095 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 20:40:52.097 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 20:40:52.181 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 22:32:28.186 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 22:32:28.287 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-23 23:37:16.288 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-23 23:37:16.389 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 00:42:58.390 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 00:42:58.491 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 02:08:28.493 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 02:08:28.577 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 03:51:58.579 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 03:51:58.680 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 04:52:16.681 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 04:52:16.773 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 06:51:04.774 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 06:51:04.972 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 08:37:16.974 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 08:37:17.068 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 09:58:17.070 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 09:58:17.171 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 11:30:05.173 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 11:30:05.281 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 12:58:17.283 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 12:58:17.374 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 14:42:41.375 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 14:42:41.458 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 16:35:11.461 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 16:35:11.546 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 18:09:41.547 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 18:09:41.634 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 18:39:23.274 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-24 18:39:27.652 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1452d7bacc68ea3bffabe2aba26416f9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-24 18:39:29.825 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-24 18:39:29.826 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-24 18:39:29.826 [8148] info on_timer.cpp::update No agent updates available
2026-01-24 18:39:29.826 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-24 18:39:29.966 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-24 18:39:29.966 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-24 18:39:30.579 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-24 18:39:31.098 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106733
2026-01-24 18:39:32.371 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106733
2026-01-24 18:39:32.371 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106733
2026-01-24 18:39:32.826 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-24 18:39:33.015 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-24 18:39:33.015 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-24 18:39:33.155 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-24 18:39:33.156 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-24 18:39:35.677 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1452d7bacc68ea3bffabe2aba26416f9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-24 19:18:05.636 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 19:18:05.717 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 20:31:53.719 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 20:31:53.811 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 22:21:41.813 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 22:21:41.922 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-24 23:47:11.923 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-24 23:47:12.005 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 01:01:59.029 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-25 02:02:18.618 [8150] info on_nebula.cpp::handle Scan complete, duration: 3619
2026-01-25 02:02:18.649 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-25 02:02:18.651 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 02:02:18.757 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 03:34:01.064 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-25 03:34:01.230 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-25 03:34:01.230 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-25 03:34:01.230 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-25 03:34:01.230 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-25 03:34:01.230 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-25 03:34:02.241 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6ff50d2b841de090f0cfefc4fc91e837:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-25 03:34:02.242 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-25 03:34:02.242 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-25 03:34:02.387 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769330042
2026-01-25 03:34:02.387 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769330042
2026-01-25 03:34:02.387 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-25 03:34:02.388 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-25 03:34:02.388 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-25 03:35:00.966 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 03:35:01.054 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 04:40:43.056 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 04:40:43.140 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 05:49:07.141 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 05:49:52.879 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 06:01:01.019 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-25 06:01:01.019 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-25 06:01:01.019 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-25 06:01:01.019 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-25 06:01:01.023 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-25 06:01:01.037 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-25 06:01:13.177 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-25 06:01:14.189 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-25 06:01:21.892 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 324550492160, \"freespace_total\": 324550492160, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 728215588864, \"freespace_total\": 728215588864, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7075123200, \"free_virtual\": 8449945600, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-25 06:01:21.968 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-25 07:36:58.880 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 07:36:58.966 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 09:18:41.155 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 09:18:41.236 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 10:48:41.237 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 10:48:41.321 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 12:40:17.322 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 12:40:17.409 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 14:01:18.422 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 14:01:18.508 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 15:57:24.511 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 15:57:24.594 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 17:57:07.606 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 17:57:07.700 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 18:39:37.941 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-25 18:39:40.766 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6ff50d2b841de090f0cfefc4fc91e837:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-25 18:39:44.779 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6ff50d2b841de090f0cfefc4fc91e837:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-25 18:39:45.385 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-25 18:39:45.385 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-25 18:39:45.385 [8148] info on_timer.cpp::update No agent updates available
2026-01-25 18:39:45.385 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-25 18:39:45.535 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-25 18:39:45.682 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-25 18:39:45.941 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-25 18:39:46.645 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106755
2026-01-25 18:39:47.506 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106755
2026-01-25 18:39:47.506 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106755
2026-01-25 18:39:48.149 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-25 18:39:48.406 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-25 18:39:48.406 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-25 18:39:48.574 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-25 18:39:48.631 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-25 19:11:49.893 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 19:11:49.986 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 21:06:07.988 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 21:06:08.071 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-25 22:49:39.087 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-25 22:49:39.190 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 00:06:09.576 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 00:06:09.662 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 01:01:58.711 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-26 01:38:21.174 [8150] info on_nebula.cpp::handle Scan complete, duration: 2183
2026-01-26 01:38:21.296 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-26 01:38:21.297 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 01:38:21.387 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 02:39:33.389 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 02:39:33.471 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 04:03:16.485 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 04:03:16.586 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 05:26:58.588 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 05:26:58.671 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 06:01:00.839 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-26 06:01:00.839 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-26 06:01:00.839 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-26 06:01:00.839 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-26 06:01:00.840 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-26 06:01:00.840 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-26 06:01:09.685 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-26 06:01:10.706 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-26 06:01:35.398 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 321666924544, \"freespace_total\": 321666924544, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 726494396416, \"freespace_total\": 726494396416, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7942197248, \"free_virtual\": 8439984128, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-26 06:01:35.479 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-26 06:01:35.480 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 06:01:35.564 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 07:06:23.768 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 07:06:23.852 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 07:12:45.573 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-26 07:12:45.706 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-26 07:12:45.706 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-26 07:12:45.706 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-26 07:12:45.706 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-26 07:12:45.706 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-26 07:12:46.718 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "dc59bebea6695654736b62664f36d03f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 07:12:46.721 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-26 07:12:46.721 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-26 07:12:46.926 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769429566
2026-01-26 07:12:46.926 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769429566
2026-01-26 07:12:46.926 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-26 07:12:46.927 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-26 07:12:46.937 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-26 08:12:05.853 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 08:12:05.954 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 09:51:05.956 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 09:51:06.044 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 11:08:21.070 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-26 11:08:21.191 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-26 11:08:21.191 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-26 11:08:21.191 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-26 11:08:21.191 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-26 11:08:21.191 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-26 11:08:22.201 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "81ee0a29e12c3adf5b141e78e8d94a69:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 11:08:22.202 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-26 11:08:22.202 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-26 11:08:22.309 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769443702
2026-01-26 11:08:22.309 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769443702
2026-01-26 11:08:22.309 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-26 11:08:22.310 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-26 11:08:22.310 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-26 11:21:06.045 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 11:21:06.150 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 12:54:42.152 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 12:54:42.235 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 13:11:34.381 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-26 13:11:34.506 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-26 13:11:34.506 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-26 13:11:34.506 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-26 13:11:34.506 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-26 13:11:34.506 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-26 13:11:34.521 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d0d248bd15eaa11d1c0a148daebe8833:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 13:11:34.521 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-26 13:11:34.521 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-26 13:11:34.663 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769451094
2026-01-26 13:11:34.663 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769451094
2026-01-26 13:11:34.663 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-26 13:11:34.663 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-26 13:11:34.663 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-26 14:31:54.237 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 14:31:54.319 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 16:17:12.319 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 16:17:12.401 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 18:00:42.403 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 18:00:42.594 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 18:06:47.726 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-26 18:06:47.882 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-26 18:06:47.882 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-26 18:06:47.882 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-26 18:06:47.882 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-26 18:06:47.882 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-26 18:06:48.898 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e0ca0fd2c7c1317947475aa7cf9af680:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 18:06:48.898 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-26 18:06:48.898 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-26 18:06:49.061 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769468808
2026-01-26 18:06:49.062 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769468808
2026-01-26 18:06:49.062 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-26 18:06:49.062 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-26 18:06:49.062 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-26 18:39:53.213 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-26 18:39:56.715 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e0ca0fd2c7c1317947475aa7cf9af680:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 18:39:59.681 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-26 18:39:59.682 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-26 18:39:59.682 [8148] info on_timer.cpp::update No agent updates available
2026-01-26 18:39:59.682 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-26 18:39:59.831 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-26 18:39:59.831 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-26 18:40:00.121 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-26 18:40:00.579 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106793
2026-01-26 18:40:02.134 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106793
2026-01-26 18:40:02.134 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106793
2026-01-26 18:40:02.398 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-26 18:40:02.590 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-26 18:40:02.591 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-26 18:40:02.727 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-26 18:40:02.740 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-26 18:40:07.759 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "e0ca0fd2c7c1317947475aa7cf9af680:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 18:50:17.522 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-26 18:50:17.623 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-26 18:50:17.623 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-26 18:50:17.623 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-26 18:50:17.623 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-26 18:50:17.623 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-26 18:50:18.642 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "20d4ee60f6b9a085e3dac00064bd1841:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-26 18:50:18.643 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-26 18:50:18.643 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-26 18:50:18.790 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769471418
2026-01-26 18:50:18.790 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769471418
2026-01-26 18:50:18.790 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-26 18:50:18.815 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-26 18:50:18.816 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-26 19:56:49.611 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 19:56:49.711 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 21:01:38.724 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 21:01:38.806 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 22:26:15.821 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 22:26:15.903 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-26 23:49:57.904 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-26 23:49:57.985 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 00:59:16.193 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 00:59:16.294 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 01:01:58.493 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-27 02:04:21.221 [8150] info on_nebula.cpp::handle Scan complete, duration: 3743
2026-01-27 02:04:21.223 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-27 02:04:21.224 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 02:04:21.368 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 04:00:28.384 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 04:00:28.467 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 06:00:58.646 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-27 06:00:58.646 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-27 06:00:58.646 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-27 06:00:58.646 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-27 06:00:58.647 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-27 06:00:58.647 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-27 06:01:08.160 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-27 06:01:09.172 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-27 06:01:17.668 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 305131905024, \"freespace_total\": 305131905024, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 724685049856, \"freespace_total\": 724685049856, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6236155904, \"free_virtual\": 8443129856, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-27 06:01:17.710 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-27 06:01:17.712 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 06:01:17.842 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 07:47:29.840 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 07:47:29.920 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 09:43:35.921 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 09:43:36.004 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 11:15:24.006 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 11:15:24.095 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 12:58:00.097 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 12:58:00.179 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 14:44:12.181 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 14:44:12.269 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 16:05:12.271 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 16:05:12.374 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 17:37:00.376 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 17:37:00.462 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 18:40:07.054 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-27 18:40:09.505 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "20d4ee60f6b9a085e3dac00064bd1841:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-27 18:40:13.523 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "20d4ee60f6b9a085e3dac00064bd1841:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-27 18:40:14.265 [8148] info sirius.cpp::downloadUpdates No available packages to update
2026-01-27 18:40:14.345 [8148] info update.cpp::launchAgentUpdate No agent updates available
2026-01-27 18:40:14.345 [8148] info on_timer.cpp::update No agent updates available
2026-01-27 18:40:14.345 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-27 18:40:14.486 [8148] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-01-27 18:40:14.486 [8148] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-01-27 18:40:15.133 [8148] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-01-27 18:40:15.991 [8148] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.106827
2026-01-27 18:40:16.806 [8148] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.106827
2026-01-27 18:40:16.807 [8148] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.106827
2026-01-27 18:40:17.925 [8148] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-01-27 18:40:18.643 [8148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-27 18:40:18.643 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-27 18:40:18.781 [8148] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-27 18:40:18.791 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-27 19:13:18.463 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 19:13:18.546 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 20:22:36.548 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 20:22:36.635 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 21:58:00.549 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 21:58:00.662 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-27 23:08:12.749 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-27 23:08:12.847 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 01:02:00.936 [8150] info on_nebula.cpp::handle Performing threat scan
2026-01-28 02:13:18.784 [8150] info on_nebula.cpp::handle Scan complete, duration: 4278
2026-01-28 02:13:18.786 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-28 02:13:18.787 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 02:13:18.886 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 03:14:31.506 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 03:14:31.595 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 04:37:20.607 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 04:37:20.691 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 06:00:59.909 [8150] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-28 06:00:59.912 [8150] info asset_mgmt.cpp::collectData Collecting asset information
2026-01-28 06:00:59.912 [8150] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-28 06:00:59.912 [8150] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 06:00:59.913 [8150] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-28 06:00:59.914 [8150] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-28 06:01:09.920 [8150] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-28 06:01:10.934 [8150] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-28 06:01:19.009 [8150] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 290659794944, \"freespace_total\": 290659794944, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 0, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 0, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 722933768192, \"freespace_total\": 722933768192, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.84\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8014184448, \"free_virtual\": 8427139072, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-28 06:01:19.048 [8150] info schedule_store.cpp::save Saved nebula schedules
2026-01-28 06:01:19.049 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 06:01:19.153 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 07:53:49.154 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 07:53:49.237 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 08:16:53.778 [8150] info client.cpp::sync Command received : event.policy.refresh
2026-01-28 08:16:53.899 [8150] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 08:16:53.899 [8150] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 08:16:53.899 [8150] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 08:16:53.899 [8150] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 08:16:53.899 [8150] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-28 08:16:54.911 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "24c52715b517cf09d470cf194ee0a46d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 08:16:54.912 [8150] info client.cpp::sync Command received : event.exclusion.refresh
2026-01-28 08:16:54.912 [8150] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-28 08:16:55.044 [8150] info client.cpp::syncExclusions Updated exclusions: nebula-1769606214
2026-01-28 08:16:55.044 [8150] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769606214
2026-01-28 08:16:55.044 [8150] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-28 08:16:55.045 [8150] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-28 08:16:55.045 [8150] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-28 09:41:49.438 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 09:41:49.520 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 11:26:13.522 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 11:26:13.605 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 13:00:43.607 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 13:00:43.709 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 14:03:43.712 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 14:03:43.799 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 15:31:01.801 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 15:31:01.886 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 16:55:37.887 [8150] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 16:55:37.970 [8150] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:40:24.023 [8148] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:40:26.061 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "24c52715b517cf09d470cf194ee0a46d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:40:30.102 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "24c52715b517cf09d470cf194ee0a46d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:40:30.912 [8148] info sirius.cpp::downloadUpdates updating package: epa.linux
2026-01-28 18:40:31.673 [8148] info sirius.cpp::download updated epa.linux to version 1.1.85
2026-01-28 18:40:31.691 [8148] info sirius.cpp::unpack Extracting epa.linux to /usr/share/mblinux/installers/epa.linux/
2026-01-28 18:40:32.695 [8148] info sirius.cpp::unpack Unpacked epa.linux 1.1.85
2026-01-28 18:40:32.695 [8148] info sirius.cpp::installDownloaded installed epa.linux 1.1.85
2026-01-28 18:40:32.717 [8148] info command_history.cpp::Cleanup Performing command history cleanup
2026-01-28 18:40:40.912 [8147] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:40:42.148 [8150] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "24c52715b517cf09d470cf194ee0a46d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:68", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:40:42.522 [8151] info communicator.cpp::processor processing exited
2026-01-28 18:40:57.914 [6376] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:40:58.915 [6376] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:40:59.024 [57766] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:40:59.024 [57766] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:40:59.024 [57766] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:40:59.025 [57766] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:40:59.025 [57766] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:40:59.136 [57766] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:40:59.212 [57766] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:40:59.462 [57766] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:40:59.462 [57777] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:40:59.462 [57781] info communicator.cpp::processor processing starting
2026-01-28 18:40:59.467 [57778] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:41:03.814 [57778] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:41:03.814 [57778] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:41:03.846 [57780] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:41:03.846 [57780] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:41:03.846 [57780] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:41:03.846 [57780] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:41:03.846 [57780] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:41:03.846 [57780] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:41:04.058 [57780] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:41:04.059 [57780] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:41:04.059 [57780] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:41:04.168 [57780] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:41:04.278 [57780] info client.cpp::callSync []
2026-01-28 18:41:04.404 [57780] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:41:04.404 [57780] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:41:04.404 [57780] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:41:04.404 [57780] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:41:05.409 [57780] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:41:05.630 [57780] info client.cpp::syncExclusions Updated exclusions: a2dc322ca5c0032d3d9c0d04fb5de311
2026-01-28 18:41:05.630 [57780] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:41:05.844 [57780] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:41:05.940 [57780] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:41:09.947 [57780] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:41:09.948 [57780] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: a2dc322ca5c0032d3d9c0d04fb5de311
2026-01-28 18:41:09.948 [57780] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-28 18:41:09.949 [57780] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-28 18:41:09.949 [57780] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-28 18:41:10.959 [57777] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:41:14.260 [57780] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:41:15.467 [57781] info communicator.cpp::processor processing exited
2026-01-28 18:41:29.468 [57766] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:41:30.468 [57766] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:41:30.477 [58650] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:41:30.478 [58650] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:41:30.478 [58650] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:41:30.478 [58650] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:41:30.478 [58650] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:41:30.587 [58650] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:41:30.637 [58650] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:41:30.820 [58650] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:41:30.821 [58661] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:41:30.821 [58665] info communicator.cpp::processor processing starting
2026-01-28 18:41:30.823 [58662] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:41:37.174 [58662] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:41:37.174 [58662] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:41:37.178 [58664] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:41:37.178 [58664] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:41:37.178 [58664] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:41:37.178 [58664] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:41:37.178 [58664] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:41:37.178 [58664] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:41:37.408 [58664] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:41:37.408 [58664] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:41:37.408 [58664] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:41:37.415 [58664] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:41:37.513 [58664] info client.cpp::callSync []
2026-01-28 18:41:38.517 [58664] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:41:38.518 [58664] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:41:38.664 [58664] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:41:42.672 [58664] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:41:44.319 [58661] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:41:46.699 [58664] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:41:47.388 [58665] info communicator.cpp::processor processing exited
2026-01-28 18:42:01.389 [58650] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:42:02.389 [58650] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:42:02.399 [59653] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:42:02.399 [59653] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:42:02.399 [59653] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:42:02.399 [59653] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:42:02.399 [59653] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:42:02.508 [59653] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:42:02.557 [59653] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:42:02.745 [59653] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:42:02.745 [59662] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:42:02.745 [59675] info communicator.cpp::processor processing starting
2026-01-28 18:42:02.747 [59663] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:42:09.099 [59663] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:42:09.099 [59663] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:42:09.102 [59674] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:42:09.102 [59674] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:42:09.102 [59674] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:42:09.102 [59674] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:42:09.102 [59674] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:42:09.102 [59674] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:42:09.295 [59674] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:42:09.295 [59674] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:42:09.295 [59674] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:42:09.300 [59674] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:42:09.386 [59674] info client.cpp::callSync []
2026-01-28 18:42:10.391 [59674] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:42:10.391 [59674] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:42:10.532 [59674] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:42:14.247 [59662] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:42:14.541 [59674] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:42:14.872 [59675] info communicator.cpp::processor processing exited
2026-01-28 18:42:31.249 [59653] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:42:32.249 [59653] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:42:32.258 [60685] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:42:32.258 [60685] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:42:32.258 [60685] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:42:32.258 [60685] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:42:32.258 [60685] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:42:32.371 [60685] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:42:32.420 [60685] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:42:32.604 [60685] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:42:32.604 [60696] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:42:32.604 [60700] info communicator.cpp::processor processing starting
2026-01-28 18:42:32.606 [60697] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:42:38.951 [60697] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:42:38.951 [60697] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:42:38.953 [60699] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:42:38.953 [60699] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:42:38.953 [60699] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:42:38.953 [60699] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:42:38.953 [60699] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:42:38.953 [60699] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:42:39.153 [60699] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:42:39.153 [60699] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:42:39.153 [60699] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:42:39.158 [60699] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:42:39.257 [60699] info client.cpp::callSync []
2026-01-28 18:42:40.262 [60699] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:42:40.263 [60699] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:42:40.263 [60699] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:42:40.344 [60699] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:42:44.351 [60699] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:42:45.092 [60696] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:42:48.370 [60699] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:42:49.560 [60700] info communicator.cpp::processor processing exited
2026-01-28 18:43:03.561 [60685] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:43:04.561 [60685] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:43:04.571 [61685] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:43:04.571 [61685] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:43:04.571 [61685] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:43:04.571 [61685] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:43:04.571 [61685] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:43:04.679 [61685] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:43:04.728 [61685] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:43:04.902 [61685] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:43:04.902 [61708] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:43:04.902 [61712] info communicator.cpp::processor processing starting
2026-01-28 18:43:04.904 [61709] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:43:11.244 [61709] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:43:11.244 [61709] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:43:11.247 [61711] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:43:11.247 [61711] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:43:11.247 [61711] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:43:11.247 [61711] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:43:11.247 [61711] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:43:11.247 [61711] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:43:11.511 [61711] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:43:11.511 [61711] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:43:11.511 [61711] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:43:11.516 [61711] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:43:11.623 [61711] info client.cpp::callSync []
2026-01-28 18:43:12.630 [61711] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:43:12.630 [61711] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:43:12.750 [61711] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:43:16.759 [61711] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:43:17.382 [61708] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:43:20.779 [61711] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:43:21.977 [61712] info communicator.cpp::processor processing exited
2026-01-28 18:43:35.978 [61685] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:43:36.978 [61685] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:43:36.988 [62782] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:43:36.988 [62782] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:43:36.988 [62782] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:43:36.988 [62782] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:43:36.988 [62782] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:43:37.100 [62782] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:43:37.151 [62782] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:43:37.339 [62782] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:43:37.339 [62822] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:43:37.339 [62826] info communicator.cpp::processor processing starting
2026-01-28 18:43:37.341 [62823] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:43:43.692 [62823] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:43:43.692 [62823] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:43:43.695 [62825] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:43:43.695 [62825] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:43:43.695 [62825] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:43:43.695 [62825] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:43:43.696 [62825] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:43:43.696 [62825] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:43:43.908 [62825] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:43:43.908 [62825] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:43:43.908 [62825] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:43:43.917 [62825] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:43:44.047 [62825] info client.cpp::callSync []
2026-01-28 18:43:44.053 [62825] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:43:44.053 [62825] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:43:44.187 [62825] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:43:48.195 [62825] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:43:49.836 [62822] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:43:52.230 [62825] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:43:53.222 [62826] info communicator.cpp::processor processing exited
2026-01-28 18:44:07.223 [62782] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:44:08.223 [62782] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:44:08.233 [63848] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:44:08.233 [63848] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:44:08.233 [63848] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:44:08.233 [63848] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:44:08.233 [63848] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:44:08.341 [63848] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:44:08.390 [63848] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:44:08.579 [63848] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:44:08.580 [63867] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:44:08.580 [63871] info communicator.cpp::processor processing starting
2026-01-28 18:44:08.582 [63868] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:44:14.936 [63868] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:44:14.937 [63868] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:44:14.939 [63870] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:44:14.939 [63870] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:44:14.939 [63870] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:44:14.939 [63870] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:44:14.939 [63870] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:44:14.939 [63870] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:44:15.151 [63870] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:44:15.151 [63870] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:44:15.151 [63870] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:44:15.158 [63870] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:44:15.246 [63870] info client.cpp::callSync []
2026-01-28 18:44:16.251 [63870] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:44:16.251 [63870] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:44:16.382 [63870] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:44:20.390 [63870] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:44:22.077 [63867] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:44:24.407 [63870] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:44:24.828 [63871] info communicator.cpp::processor processing exited
2026-01-28 18:44:39.078 [63848] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:44:40.078 [63848] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:44:40.089 [64848] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:44:40.089 [64848] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:44:40.089 [64848] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:44:40.089 [64848] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:44:40.089 [64848] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:44:40.256 [64848] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:44:40.305 [64848] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:44:40.490 [64848] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:44:40.491 [64854] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:44:40.491 [64858] info communicator.cpp::processor processing starting
2026-01-28 18:44:40.493 [64855] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:44:46.816 [64855] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:44:46.816 [64855] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:44:46.818 [64857] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:44:46.819 [64857] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:44:46.819 [64857] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:44:46.819 [64857] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:44:46.819 [64857] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:44:46.819 [64857] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:44:47.011 [64857] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:44:47.011 [64857] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:44:47.011 [64857] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:44:47.016 [64857] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:44:47.126 [64857] info client.cpp::callSync []
2026-01-28 18:44:48.132 [64857] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:44:48.133 [64857] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:44:48.272 [64857] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:44:51.960 [64854] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:44:52.280 [64857] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:44:52.920 [64858] info communicator.cpp::processor processing exited
2026-01-28 18:45:08.961 [64848] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:45:09.961 [64848] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:45:09.970 [65975] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:45:09.970 [65975] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:45:09.970 [65975] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:45:09.970 [65975] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:45:09.970 [65975] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:45:10.080 [65975] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:45:10.129 [65975] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:45:10.305 [65975] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:45:10.305 [65981] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:45:10.305 [65985] info communicator.cpp::processor processing starting
2026-01-28 18:45:10.307 [65982] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:45:15.638 [65982] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:45:15.638 [65982] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:45:15.641 [65984] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:45:15.641 [65984] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:45:15.641 [65984] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:45:15.641 [65984] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:45:15.641 [65984] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:45:15.641 [65984] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:45:15.848 [65984] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:45:15.848 [65984] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:45:15.848 [65984] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:45:15.853 [65984] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:45:15.958 [65984] info client.cpp::callSync []
2026-01-28 18:45:16.964 [65984] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:45:16.964 [65984] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:45:16.964 [65984] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:45:17.046 [65984] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:45:20.788 [65981] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:45:21.053 [65984] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:45:21.951 [65985] info communicator.cpp::processor processing exited
2026-01-28 18:45:37.789 [65975] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:45:38.789 [65975] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:45:38.798 [66860] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:45:38.798 [66860] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:45:38.798 [66860] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:45:38.798 [66860] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:45:38.798 [66860] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:45:38.915 [66860] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:45:38.966 [66860] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:45:39.150 [66860] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:45:39.150 [66871] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:45:39.150 [66875] info communicator.cpp::processor processing starting
2026-01-28 18:45:39.152 [66872] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:45:45.512 [66872] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:45:45.512 [66872] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:45:45.515 [66874] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:45:45.515 [66874] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:45:45.515 [66874] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:45:45.515 [66874] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:45:45.515 [66874] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:45:45.515 [66874] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:45:45.724 [66874] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:45:45.724 [66874] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:45:45.724 [66874] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:45:45.731 [66874] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:45:45.821 [66874] info client.cpp::callSync []
2026-01-28 18:45:46.827 [66874] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:45:46.828 [66874] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:45:46.828 [66874] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:45:46.939 [66874] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:45:50.947 [66874] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:45:52.661 [66871] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:45:54.976 [66874] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:45:55.702 [66875] info communicator.cpp::processor processing exited
2026-01-28 18:46:09.703 [66860] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:46:10.704 [66860] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:46:10.713 [67895] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:46:10.713 [67895] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:46:10.713 [67895] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:46:10.713 [67895] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:46:10.713 [67895] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:46:10.821 [67895] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:46:10.870 [67895] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:46:11.046 [67895] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:46:11.047 [67902] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:46:11.047 [67906] info communicator.cpp::processor processing starting
2026-01-28 18:46:11.049 [67903] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:46:16.377 [67903] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:46:16.377 [67903] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:46:16.380 [67905] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:46:16.380 [67905] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:46:16.380 [67905] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:46:16.380 [67905] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:46:16.380 [67905] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:46:16.380 [67905] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:46:16.599 [67905] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:46:16.600 [67905] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:46:16.600 [67905] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:46:16.609 [67905] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:46:16.701 [67905] info client.cpp::callSync []
2026-01-28 18:46:17.706 [67905] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:46:17.706 [67905] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:46:17.788 [67905] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:46:21.797 [67905] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:46:22.568 [67902] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:46:25.824 [67905] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:46:26.526 [67906] info communicator.cpp::processor processing exited
2026-01-28 18:46:40.528 [67895] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:46:41.528 [67895] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:46:41.539 [68874] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:46:41.539 [68874] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:46:41.539 [68874] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:46:41.539 [68874] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:46:41.539 [68874] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:46:41.671 [68874] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:46:41.735 [68874] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:46:41.930 [68874] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:46:41.930 [68881] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:46:41.930 [68885] info communicator.cpp::processor processing starting
2026-01-28 18:46:41.932 [68882] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:46:48.284 [68882] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:46:48.284 [68882] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:46:48.286 [68884] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:46:48.287 [68884] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:46:48.287 [68884] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:46:48.287 [68884] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:46:48.287 [68884] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:46:48.287 [68884] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:46:48.563 [68884] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:46:48.563 [68884] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:46:48.563 [68884] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:46:48.568 [68884] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:46:48.668 [68884] info client.cpp::callSync []
2026-01-28 18:46:49.675 [68884] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:46:49.675 [68884] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:46:49.797 [68884] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:46:53.430 [68881] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:46:53.804 [68884] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:46:54.114 [68885] info communicator.cpp::processor processing exited
2026-01-28 18:47:10.431 [68874] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:47:11.432 [68874] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:47:11.440 [69841] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:47:11.440 [69841] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:47:11.440 [69841] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:47:11.441 [69841] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:47:11.441 [69841] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:47:11.554 [69841] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:47:11.605 [69841] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:47:11.784 [69841] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:47:11.784 [69860] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:47:11.784 [69864] info communicator.cpp::processor processing starting
2026-01-28 18:47:11.786 [69861] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:47:17.123 [69861] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:47:17.123 [69861] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:47:17.126 [69863] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:47:17.126 [69863] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:47:17.127 [69863] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:47:17.127 [69863] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:47:17.127 [69863] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:47:17.127 [69863] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:47:17.339 [69863] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:47:17.339 [69863] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:47:17.339 [69863] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:47:17.346 [69863] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:47:17.433 [69863] info client.cpp::callSync []
2026-01-28 18:47:18.438 [69863] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:47:18.438 [69863] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:47:18.438 [69863] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:47:18.524 [69863] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:47:22.531 [69863] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:47:24.272 [69860] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:47:26.551 [69863] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:47:27.563 [69864] info communicator.cpp::processor processing exited
2026-01-28 18:47:41.565 [69841] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:47:42.565 [69841] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:47:42.574 [70907] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:47:42.574 [70907] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:47:42.574 [70907] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:47:42.574 [70907] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:47:42.574 [70907] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:47:42.683 [70907] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:47:42.731 [70907] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:47:42.917 [70907] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:47:42.917 [70922] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:47:42.917 [70926] info communicator.cpp::processor processing starting
2026-01-28 18:47:42.919 [70923] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:47:48.275 [70923] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:47:48.275 [70923] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:47:48.277 [70925] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:47:48.277 [70925] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:47:48.277 [70925] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:47:48.277 [70925] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:47:48.277 [70925] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:47:48.277 [70925] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:47:48.474 [70925] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:47:48.474 [70925] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:47:48.474 [70925] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:47:48.479 [70925] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:47:48.566 [70925] info client.cpp::callSync []
2026-01-28 18:47:49.570 [70925] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:47:49.571 [70925] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:47:49.683 [70925] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:47:53.690 [70925] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:47:55.421 [70922] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:47:57.710 [70925] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:47:58.907 [70926] info communicator.cpp::processor processing exited
2026-01-28 18:48:12.908 [70907] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:48:13.908 [70907] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:48:13.917 [71980] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:48:13.918 [71980] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:48:13.918 [71980] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:48:13.918 [71980] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:48:13.918 [71980] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:48:14.026 [71980] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:48:14.075 [71980] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:48:14.260 [71980] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:48:14.261 [71996] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:48:14.261 [72000] info communicator.cpp::processor processing starting
2026-01-28 18:48:14.262 [71997] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:48:20.663 [71997] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:48:20.663 [71997] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:48:20.665 [71999] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:48:20.665 [71999] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:48:20.665 [71999] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:48:20.665 [71999] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:48:20.665 [71999] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:48:20.665 [71999] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:48:20.878 [71999] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:48:20.878 [71999] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:48:20.878 [71999] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:48:20.885 [71999] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:48:20.992 [71999] info client.cpp::callSync []
2026-01-28 18:48:21.997 [71999] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:48:21.998 [71999] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:48:22.122 [71999] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:48:26.129 [71999] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:48:26.813 [71996] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:48:29.157 [71999] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:48:30.186 [72000] info communicator.cpp::processor processing exited
2026-01-28 18:48:44.187 [71980] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:48:45.187 [71980] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:48:45.196 [72994] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:48:45.197 [72994] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:48:45.197 [72994] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:48:45.197 [72994] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:48:45.197 [72994] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:48:45.307 [72994] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:48:45.364 [72994] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:48:45.545 [72994] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:48:45.546 [73016] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:48:45.546 [73020] info communicator.cpp::processor processing starting
2026-01-28 18:48:45.547 [73017] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:48:50.869 [73017] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:48:50.869 [73017] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:48:50.872 [73019] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:48:50.872 [73019] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:48:50.872 [73019] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:48:50.872 [73019] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:48:50.872 [73019] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:48:50.872 [73019] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:48:51.118 [73019] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:48:51.118 [73019] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:48:51.118 [73019] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:48:51.123 [73019] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:48:51.235 [73019] info client.cpp::callSync []
2026-01-28 18:48:52.240 [73019] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:48:52.240 [73019] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:48:52.360 [73019] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:48:56.370 [73019] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:48:57.018 [73016] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:49:00.392 [73019] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:49:01.159 [73020] info communicator.cpp::processor processing exited
2026-01-28 18:49:15.160 [72994] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:49:16.161 [72994] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:49:16.170 [74050] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:49:16.170 [74050] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:49:16.170 [74050] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:49:16.170 [74050] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:49:16.170 [74050] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:49:16.279 [74050] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:49:16.328 [74050] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:49:16.520 [74050] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:49:16.520 [74081] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:49:16.520 [74085] info communicator.cpp::processor processing starting
2026-01-28 18:49:16.522 [74082] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:49:21.863 [74082] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:49:21.863 [74082] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:49:21.867 [74084] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:49:21.867 [74084] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:49:21.867 [74084] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:49:21.867 [74084] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:49:21.867 [74084] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:49:21.867 [74084] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:49:22.104 [74084] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:49:22.104 [74084] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:49:22.104 [74084] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:49:22.109 [74084] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:49:22.195 [74084] info client.cpp::callSync []
2026-01-28 18:49:23.200 [74084] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:49:23.200 [74084] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:49:23.334 [74084] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:49:27.343 [74084] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:49:28.020 [74081] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:49:31.360 [74084] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:49:32.135 [74085] info communicator.cpp::processor processing exited
2026-01-28 18:49:46.136 [74050] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:49:47.136 [74050] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:49:47.146 [75014] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:49:47.146 [75014] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:49:47.146 [75014] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:49:47.146 [75014] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:49:47.146 [75014] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:49:47.256 [75014] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:49:47.305 [75014] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:49:47.492 [75014] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:49:47.492 [75031] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:49:47.492 [75035] info communicator.cpp::processor processing starting
2026-01-28 18:49:47.494 [75032] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:49:53.824 [75032] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:49:53.824 [75032] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:49:53.826 [75034] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:49:53.826 [75034] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:49:53.826 [75034] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:49:53.827 [75034] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:49:53.827 [75034] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:49:53.827 [75034] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:49:54.035 [75034] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:49:54.035 [75034] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:49:54.035 [75034] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:49:54.042 [75034] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:49:54.156 [75034] info client.cpp::callSync []
2026-01-28 18:49:55.162 [75034] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:49:55.162 [75034] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:49:55.298 [75034] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:49:59.307 [75034] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:49:59.967 [75031] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:50:03.332 [75034] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:50:04.408 [75035] info communicator.cpp::processor processing exited
2026-01-28 18:50:18.409 [75014] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:50:19.409 [75014] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:50:19.418 [76014] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:50:19.418 [76014] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:50:19.418 [76014] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:50:19.418 [76014] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:50:19.418 [76014] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:50:19.527 [76014] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:50:19.576 [76014] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:50:19.765 [76014] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:50:19.765 [76034] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:50:19.765 [76038] info communicator.cpp::processor processing starting
2026-01-28 18:50:19.767 [76035] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:50:26.116 [76035] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:50:26.116 [76035] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:50:26.119 [76037] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:50:26.119 [76037] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:50:26.119 [76037] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:50:26.119 [76037] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:50:26.119 [76037] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:50:26.119 [76037] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:50:26.310 [76037] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:50:26.310 [76037] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:50:26.310 [76037] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:50:26.315 [76037] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:50:26.408 [76037] info client.cpp::callSync []
2026-01-28 18:50:27.413 [76037] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:50:27.413 [76037] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:50:27.560 [76037] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:50:31.568 [76037] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:50:32.260 [76034] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:50:35.587 [76037] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:50:35.831 [76038] info communicator.cpp::processor processing exited
2026-01-28 18:50:49.832 [76014] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:50:50.832 [76014] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:50:50.841 [77056] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:50:50.841 [77056] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:50:50.841 [77056] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:50:50.842 [77056] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:50:50.842 [77056] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:50:50.950 [77056] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:50:50.999 [77056] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:50:51.177 [77056] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:50:51.177 [77068] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:50:51.177 [77072] info communicator.cpp::processor processing starting
2026-01-28 18:50:51.179 [77069] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:50:55.524 [77069] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:50:55.524 [77069] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:50:55.527 [77071] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:50:55.528 [77071] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:50:55.528 [77071] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:50:55.528 [77071] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:50:55.528 [77071] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:50:55.528 [77071] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:50:55.755 [77071] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:50:55.755 [77071] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:50:55.755 [77071] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:50:55.762 [77071] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:50:55.870 [77071] info client.cpp::callSync []
2026-01-28 18:50:56.877 [77071] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:50:56.877 [77071] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:50:57.022 [77071] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:51:01.031 [77071] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:51:01.670 [77068] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:51:05.049 [77071] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:51:05.908 [77072] info communicator.cpp::processor processing exited
2026-01-28 18:51:19.909 [77056] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:51:20.910 [77056] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:51:20.921 [78024] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:51:20.921 [78024] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:51:20.921 [78024] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:51:20.921 [78024] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:51:20.921 [78024] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:51:21.063 [78024] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:51:21.113 [78024] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:51:21.290 [78024] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:51:21.290 [78031] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:51:21.290 [78035] info communicator.cpp::processor processing starting
2026-01-28 18:51:21.292 [78032] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:51:27.619 [78032] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:51:27.619 [78032] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:51:27.621 [78034] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:51:27.621 [78034] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:51:27.621 [78034] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:51:27.621 [78034] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:51:27.621 [78034] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:51:27.621 [78034] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:51:27.828 [78034] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:51:27.828 [78034] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:51:27.828 [78034] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:51:27.834 [78034] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:51:27.924 [78034] info client.cpp::callSync []
2026-01-28 18:51:28.930 [78034] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:51:28.930 [78034] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:51:29.075 [78034] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:51:33.082 [78034] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:51:34.758 [78031] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:51:37.105 [78034] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:51:37.848 [78035] info communicator.cpp::processor processing exited
2026-01-28 18:51:51.849 [78024] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:51:52.849 [78024] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:51:52.859 [79031] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:51:52.860 [79031] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:51:52.860 [79031] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:51:52.860 [79031] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:51:52.860 [79031] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:51:53.033 [79031] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:51:53.082 [79031] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:51:53.263 [79031] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:51:53.263 [79039] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:51:53.263 [79043] info communicator.cpp::processor processing starting
2026-01-28 18:51:53.265 [79040] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:51:59.619 [79040] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:51:59.620 [79040] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:51:59.623 [79042] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:51:59.623 [79042] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:51:59.623 [79042] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:51:59.623 [79042] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:51:59.623 [79042] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:51:59.623 [79042] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:51:59.817 [79042] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:51:59.817 [79042] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:51:59.817 [79042] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:51:59.822 [79042] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:51:59.934 [79042] info client.cpp::callSync []
2026-01-28 18:52:00.941 [79042] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:52:00.941 [79042] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:52:01.075 [79042] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:52:05.082 [79042] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:52:06.760 [79039] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:52:09.108 [79042] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:52:10.302 [79043] info communicator.cpp::processor processing exited
2026-01-28 18:52:24.304 [79031] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:52:25.304 [79031] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:52:25.313 [79908] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:52:25.313 [79908] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:52:25.313 [79908] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:52:25.313 [79908] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:52:25.313 [79908] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:52:25.421 [79908] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:52:25.470 [79908] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:52:25.649 [79908] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:52:25.649 [79920] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:52:25.649 [79924] info communicator.cpp::processor processing starting
2026-01-28 18:52:25.651 [79921] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:52:31.977 [79921] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:52:31.977 [79921] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:52:31.979 [79923] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:52:31.979 [79923] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:52:31.979 [79923] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:52:31.979 [79923] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:52:31.980 [79923] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:52:31.980 [79923] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:52:32.189 [79923] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:52:32.189 [79923] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:52:32.189 [79923] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:52:32.196 [79923] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:52:32.285 [79923] info client.cpp::callSync []
2026-01-28 18:52:33.290 [79923] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:52:33.290 [79923] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:52:33.438 [79923] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:52:37.445 [79923] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:52:38.120 [79920] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:52:41.464 [79923] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:52:41.937 [79924] info communicator.cpp::processor processing exited
2026-01-28 18:52:55.938 [79908] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:52:56.938 [79908] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:52:56.950 [80930] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:52:56.950 [80930] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:52:56.950 [80930] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:52:56.950 [80930] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:52:56.950 [80930] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:52:57.062 [80930] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:52:57.113 [80930] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:52:57.294 [80930] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:52:57.294 [80944] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:52:57.295 [80948] info communicator.cpp::processor processing starting
2026-01-28 18:52:57.296 [80945] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:53:02.618 [80945] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:53:02.619 [80945] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:53:02.621 [80947] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:53:02.621 [80947] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:53:02.621 [80947] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:53:02.621 [80947] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:53:02.621 [80947] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:53:02.621 [80947] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:53:02.813 [80947] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:53:02.813 [80947] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:53:02.813 [80947] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:53:02.820 [80947] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:53:02.910 [80947] info client.cpp::callSync []
2026-01-28 18:53:03.915 [80947] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:53:03.915 [80947] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:53:04.038 [80947] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:53:08.045 [80947] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:53:09.758 [80944] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:53:12.065 [80947] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:53:13.011 [80948] info communicator.cpp::processor processing exited
2026-01-28 18:53:27.012 [80930] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:53:28.012 [80930] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:53:28.021 [81937] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:53:28.021 [81937] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:53:28.021 [81937] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:53:28.022 [81937] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:53:28.022 [81937] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:53:28.130 [81937] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:53:28.180 [81937] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:53:28.364 [81937] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:53:28.364 [81946] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:53:28.364 [81950] info communicator.cpp::processor processing starting
2026-01-28 18:53:28.366 [81947] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:53:33.690 [81947] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:53:33.690 [81947] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:53:33.692 [81949] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:53:33.692 [81949] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:53:33.692 [81949] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:53:33.692 [81949] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:53:33.692 [81949] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:53:33.692 [81949] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:53:33.904 [81949] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:53:33.904 [81949] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:53:33.904 [81949] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:53:33.911 [81949] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:53:34.000 [81949] info client.cpp::callSync []
2026-01-28 18:53:35.005 [81949] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:53:35.005 [81949] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:53:35.147 [81949] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:53:39.157 [81949] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:53:39.833 [81946] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:53:43.183 [81949] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:53:43.459 [81950] info communicator.cpp::processor processing exited
2026-01-28 18:53:57.460 [81937] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:53:58.461 [81937] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:53:58.470 [82888] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:53:58.470 [82888] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:53:58.470 [82888] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:53:58.470 [82888] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:53:58.470 [82888] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:53:58.584 [82888] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:53:58.663 [82888] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:53:58.896 [82888] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:53:58.896 [82909] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:53:58.896 [82913] info communicator.cpp::processor processing starting
2026-01-28 18:53:58.898 [82910] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:54:05.223 [82910] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:54:05.224 [82910] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:54:05.227 [82912] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:54:05.227 [82912] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:54:05.227 [82912] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:54:05.227 [82912] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:54:05.227 [82912] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:54:05.227 [82912] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:54:05.420 [82912] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:54:05.420 [82912] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:54:05.420 [82912] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:54:05.425 [82912] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:54:05.562 [82912] info client.cpp::callSync []
2026-01-28 18:54:06.567 [82912] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:54:06.567 [82912] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:54:06.659 [82912] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:54:10.666 [82912] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:54:12.377 [82909] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:54:14.686 [82912] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:54:15.567 [82913] info communicator.cpp::processor processing exited
2026-01-28 18:54:29.568 [82888] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:54:30.568 [82888] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:54:30.577 [83855] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:54:30.578 [83855] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:54:30.578 [83855] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:54:30.578 [83855] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:54:30.578 [83855] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:54:30.687 [83855] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:54:30.736 [83855] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:54:30.919 [83855] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:54:30.919 [83872] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:54:30.919 [83876] info communicator.cpp::processor processing starting
2026-01-28 18:54:30.921 [83873] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:54:37.249 [83873] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:54:37.249 [83873] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:54:37.251 [83875] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:54:37.251 [83875] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:54:37.251 [83875] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:54:37.251 [83875] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:54:37.251 [83875] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:54:37.251 [83875] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:54:37.448 [83875] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:54:37.448 [83875] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:54:37.448 [83875] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:54:37.453 [83875] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:54:37.540 [83875] info client.cpp::callSync []
2026-01-28 18:54:38.544 [83875] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:54:38.545 [83875] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:54:38.690 [83875] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:54:42.697 [83875] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:54:44.440 [83872] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:54:46.717 [83875] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:54:47.937 [83876] info communicator.cpp::processor processing exited
2026-01-28 18:55:01.938 [83855] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:55:02.938 [83855] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:55:02.948 [84813] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:55:02.948 [84813] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:55:02.948 [84813] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:55:02.948 [84813] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:55:02.948 [84813] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:55:03.059 [84813] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:55:03.108 [84813] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:55:03.296 [84813] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:55:03.297 [84826] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:55:03.297 [84830] info communicator.cpp::processor processing starting
2026-01-28 18:55:03.298 [84827] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:55:09.619 [84827] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:55:09.619 [84827] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:55:09.621 [84829] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:55:09.621 [84829] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:55:09.621 [84829] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:55:09.621 [84829] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:55:09.621 [84829] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:55:09.621 [84829] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:55:09.834 [84829] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:55:09.834 [84829] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:55:09.834 [84829] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:55:09.841 [84829] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:55:09.937 [84829] info client.cpp::callSync []
2026-01-28 18:55:10.943 [84829] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:55:10.944 [84829] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:55:11.091 [84829] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:55:15.099 [84829] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:55:16.760 [84826] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:55:19.118 [84829] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:55:20.314 [84830] info communicator.cpp::processor processing exited
2026-01-28 18:55:34.315 [84813] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:55:35.315 [84813] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:55:35.324 [85769] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:55:35.325 [85769] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:55:35.325 [85769] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:55:35.325 [85769] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:55:35.325 [85769] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:55:35.433 [85769] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:55:35.482 [85769] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:55:35.663 [85769] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:55:35.663 [85796] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:55:35.663 [85800] info communicator.cpp::processor processing starting
2026-01-28 18:55:35.665 [85797] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:55:40.988 [85797] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:55:40.989 [85797] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:55:40.991 [85799] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:55:40.991 [85799] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:55:40.991 [85799] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:55:40.991 [85799] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:55:40.991 [85799] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:55:40.991 [85799] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:55:41.182 [85799] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:55:41.182 [85799] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:55:41.182 [85799] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:55:41.187 [85799] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:55:41.276 [85799] info client.cpp::callSync []
2026-01-28 18:55:42.281 [85799] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:55:42.281 [85799] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:55:42.407 [85799] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:55:46.414 [85799] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:55:47.145 [85796] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:55:50.433 [85799] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:55:51.036 [85800] info communicator.cpp::processor processing exited
2026-01-28 18:56:05.037 [85769] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:56:06.037 [85769] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:56:06.046 [86883] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:56:06.047 [86883] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:56:06.047 [86883] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:56:06.047 [86883] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:56:06.047 [86883] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:56:06.155 [86883] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:56:06.203 [86883] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:56:06.380 [86883] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:56:06.380 [86905] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:56:06.380 [86909] info communicator.cpp::processor processing starting
2026-01-28 18:56:06.382 [86906] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:56:11.724 [86906] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:56:11.724 [86906] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:56:11.727 [86908] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:56:11.727 [86908] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:56:11.727 [86908] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:56:11.727 [86908] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:56:11.727 [86908] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:56:11.727 [86908] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:56:11.938 [86908] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:56:11.938 [86908] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:56:11.938 [86908] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:56:11.945 [86908] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:56:12.055 [86908] info client.cpp::callSync []
2026-01-28 18:56:13.060 [86908] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:56:13.060 [86908] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:56:13.193 [86908] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:56:17.198 [86908] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:56:18.864 [86905] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:56:21.225 [86908] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:56:21.927 [86909] info communicator.cpp::processor processing exited
2026-01-28 18:56:35.928 [86883] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:56:36.928 [86883] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:56:36.938 [87698] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:56:36.938 [87698] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:56:36.938 [87698] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:56:36.938 [87698] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:56:36.938 [87698] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:56:37.047 [87698] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:56:37.096 [87698] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:56:37.279 [87698] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:56:37.279 [87723] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:56:37.279 [87727] info communicator.cpp::processor processing starting
2026-01-28 18:56:37.281 [87724] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:56:43.607 [87724] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:56:43.608 [87724] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:56:43.610 [87726] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:56:43.610 [87726] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:56:43.610 [87726] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:56:43.610 [87726] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:56:43.610 [87726] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:56:43.610 [87726] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:56:43.822 [87726] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:56:43.822 [87726] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:56:43.822 [87726] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:56:43.829 [87726] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:56:43.941 [87726] info client.cpp::callSync []
2026-01-28 18:56:44.947 [87726] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:56:44.947 [87726] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:56:45.031 [87726] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:56:49.039 [87726] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:56:50.752 [87723] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:56:53.059 [87726] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:56:54.104 [87727] info communicator.cpp::processor processing exited
2026-01-28 18:57:08.106 [87698] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:57:09.106 [87698] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:57:09.117 [88657] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:57:09.117 [88657] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:57:09.117 [88657] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:57:09.118 [88657] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:57:09.118 [88657] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:57:09.226 [88657] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:57:09.275 [88657] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:57:09.461 [88657] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:57:09.461 [88664] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:57:09.462 [88668] info communicator.cpp::processor processing starting
2026-01-28 18:57:09.463 [88665] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:57:15.792 [88665] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:57:15.792 [88665] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:57:15.794 [88667] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:57:15.794 [88667] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:57:15.794 [88667] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:57:15.794 [88667] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:57:15.794 [88667] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:57:15.794 [88667] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:57:15.988 [88667] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:57:15.988 [88667] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:57:15.988 [88667] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:57:15.993 [88667] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:57:16.089 [88667] info client.cpp::callSync []
2026-01-28 18:57:17.094 [88667] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:57:17.095 [88667] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:57:17.247 [88667] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:57:21.255 [88667] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:57:21.932 [88664] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:57:24.281 [88667] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:57:24.604 [88668] info communicator.cpp::processor processing exited
2026-01-28 18:57:38.933 [88657] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:57:39.934 [88657] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:57:39.944 [89531] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:57:39.944 [89531] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:57:39.944 [89531] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:57:39.945 [89531] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:57:39.945 [89531] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:57:40.056 [89531] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:57:40.105 [89531] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:57:40.281 [89531] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:57:40.281 [89537] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:57:40.281 [89541] info communicator.cpp::processor processing starting
2026-01-28 18:57:40.283 [89538] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:57:46.604 [89538] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:57:46.604 [89538] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:57:46.606 [89540] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:57:46.606 [89540] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:57:46.606 [89540] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:57:46.606 [89540] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:57:46.607 [89540] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:57:46.607 [89540] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:57:46.797 [89540] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:57:46.797 [89540] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:57:46.797 [89540] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:57:46.804 [89540] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:57:46.912 [89540] info client.cpp::callSync []
2026-01-28 18:57:47.918 [89540] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:57:47.918 [89540] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:57:48.074 [89540] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:57:51.740 [89537] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:57:52.080 [89540] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:57:52.730 [89541] info communicator.cpp::processor processing exited
2026-01-28 18:58:08.741 [89531] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:58:09.741 [89531] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:58:09.750 [90387] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:58:09.750 [90387] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:58:09.750 [90387] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:58:09.750 [90387] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:58:09.750 [90387] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:58:09.859 [90387] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:58:09.907 [90387] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:58:10.090 [90387] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:58:10.090 [90412] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:58:10.090 [90416] info communicator.cpp::processor processing starting
2026-01-28 18:58:10.092 [90413] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:58:16.425 [90413] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:58:16.425 [90413] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:58:16.427 [90415] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:58:16.427 [90415] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:58:16.427 [90415] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:58:16.427 [90415] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:58:16.427 [90415] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:58:16.427 [90415] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:58:16.623 [90415] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:58:16.623 [90415] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:58:16.623 [90415] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:58:16.628 [90415] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:58:16.732 [90415] info client.cpp::callSync []
2026-01-28 18:58:17.738 [90415] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:58:17.738 [90415] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:58:17.739 [90415] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:58:17.863 [90415] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:58:21.872 [90415] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:58:23.561 [90412] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:58:25.889 [90415] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:58:26.439 [90416] info communicator.cpp::processor processing exited
2026-01-28 18:58:40.563 [90387] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:58:41.563 [90387] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:58:41.574 [91264] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:58:41.574 [91264] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:58:41.574 [91264] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:58:41.574 [91264] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:58:41.574 [91264] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:58:41.683 [91264] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:58:41.733 [91264] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:58:41.917 [91264] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:58:41.917 [91277] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:58:41.917 [91281] info communicator.cpp::processor processing starting
2026-01-28 18:58:41.919 [91278] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:58:48.242 [91278] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:58:48.242 [91278] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:58:48.245 [91280] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:58:48.245 [91280] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:58:48.245 [91280] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:58:48.245 [91280] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:58:48.245 [91280] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:58:48.245 [91280] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:58:48.456 [91280] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:58:48.456 [91280] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:58:48.456 [91280] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:58:48.463 [91280] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:58:48.554 [91280] info client.cpp::callSync []
2026-01-28 18:58:49.559 [91280] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:58:49.559 [91280] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:58:49.702 [91280] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:58:53.709 [91280] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:58:55.386 [91277] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:58:57.728 [91280] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:58:58.591 [91281] info communicator.cpp::processor processing exited
2026-01-28 18:59:12.592 [91264] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:59:13.593 [91264] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:59:13.602 [92080] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:59:13.602 [92080] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:59:13.602 [92080] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:59:13.602 [92080] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:59:13.602 [92080] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:59:13.734 [92080] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:59:13.805 [92080] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:59:13.997 [92080] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:59:13.997 [92107] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:59:13.997 [92111] info communicator.cpp::processor processing starting
2026-01-28 18:59:13.999 [92108] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:59:20.365 [92108] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:59:20.365 [92108] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:59:20.367 [92110] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:59:20.368 [92110] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:59:20.368 [92110] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:59:20.368 [92110] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:59:20.368 [92110] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:59:20.368 [92110] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:59:20.592 [92110] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:59:20.592 [92110] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:59:20.592 [92110] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:59:20.597 [92110] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:59:20.693 [92110] info client.cpp::callSync []
2026-01-28 18:59:21.698 [92110] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:59:21.698 [92110] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:59:21.850 [92110] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:59:25.859 [92110] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:59:26.521 [92107] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 18:59:29.880 [92110] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:59:30.127 [92111] info communicator.cpp::processor processing exited
2026-01-28 18:59:44.128 [92080] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 18:59:45.129 [92080] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 18:59:45.138 [93067] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 18:59:45.138 [93067] info mbdaemon.cpp::main logLevel is info
2026-01-28 18:59:45.138 [93067] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 18:59:45.138 [93067] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 18:59:45.138 [93067] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 18:59:45.246 [93067] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 18:59:45.295 [93067] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 18:59:45.470 [93067] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 18:59:45.470 [93073] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 18:59:45.470 [93077] info communicator.cpp::processor processing starting
2026-01-28 18:59:45.472 [93074] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:59:51.816 [93074] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 18:59:51.816 [93074] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 18:59:51.820 [93076] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 18:59:51.820 [93076] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 18:59:51.820 [93076] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 18:59:51.820 [93076] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 18:59:51.820 [93076] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 18:59:51.820 [93076] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 18:59:52.073 [93076] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 18:59:52.073 [93076] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 18:59:52.074 [93076] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 18:59:52.080 [93076] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 18:59:52.188 [93076] info client.cpp::callSync []
2026-01-28 18:59:53.193 [93076] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 18:59:53.193 [93076] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 18:59:53.345 [93076] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 18:59:57.352 [93076] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 18:59:58.963 [93073] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:00:01.374 [93076] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:00:01.781 [93077] info communicator.cpp::processor processing exited
2026-01-28 19:00:15.965 [93067] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:00:16.965 [93067] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:00:16.975 [94459] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:00:16.975 [94459] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:00:16.975 [94459] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:00:16.975 [94459] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:00:16.975 [94459] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:00:17.108 [94459] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:00:17.181 [94459] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:00:17.358 [94459] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:00:17.358 [94466] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:00:17.358 [94470] info communicator.cpp::processor processing starting
2026-01-28 19:00:17.360 [94467] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:00:23.689 [94467] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:00:23.689 [94467] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:00:23.692 [94469] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:00:23.692 [94469] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:00:23.692 [94469] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:00:23.692 [94469] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:00:23.692 [94469] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:00:23.692 [94469] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:00:23.895 [94469] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:00:23.895 [94469] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:00:23.895 [94469] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:00:23.902 [94469] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:00:24.018 [94469] info client.cpp::callSync []
2026-01-28 19:00:25.023 [94469] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:00:25.023 [94469] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:00:25.107 [94469] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:00:29.114 [94469] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:00:30.831 [94466] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:00:33.136 [94469] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:00:33.621 [94470] info communicator.cpp::processor processing exited
2026-01-28 19:00:47.832 [94459] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:00:48.833 [94459] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:00:48.842 [95296] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:00:48.842 [95296] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:00:48.842 [95296] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:00:48.842 [95296] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:00:48.842 [95296] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:00:49.000 [95296] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:00:49.057 [95296] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:00:49.243 [95296] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:00:49.243 [95330] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:00:49.243 [95334] info communicator.cpp::processor processing starting
2026-01-28 19:00:49.245 [95331] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:00:55.564 [95331] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:00:55.564 [95331] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:00:55.566 [95333] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:00:55.566 [95333] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:00:55.566 [95333] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:00:55.566 [95333] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:00:55.566 [95333] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:00:55.566 [95333] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:00:55.781 [95333] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:00:55.781 [95333] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:00:55.781 [95333] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:00:55.786 [95333] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:00:55.900 [95333] info client.cpp::callSync []
2026-01-28 19:00:56.905 [95333] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:00:56.905 [95333] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:00:56.988 [95333] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:01:00.996 [95333] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:01:02.701 [95330] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:01:05.013 [95333] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:01:05.371 [95334] info communicator.cpp::processor processing exited
2026-01-28 19:01:19.703 [95296] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:01:20.703 [95296] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:01:20.712 [96298] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:01:20.712 [96298] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:01:20.712 [96298] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:01:20.712 [96298] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:01:20.712 [96298] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:01:20.823 [96298] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:01:20.874 [96298] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:01:21.055 [96298] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:01:21.055 [96304] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:01:21.055 [96308] info communicator.cpp::processor processing starting
2026-01-28 19:01:21.057 [96305] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:01:27.379 [96305] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:01:27.379 [96305] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:01:27.381 [96307] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:01:27.381 [96307] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:01:27.381 [96307] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:01:27.381 [96307] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:01:27.381 [96307] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:01:27.381 [96307] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:01:27.652 [96307] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:01:27.652 [96307] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:01:27.652 [96307] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:01:27.657 [96307] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:01:27.761 [96307] info client.cpp::callSync []
2026-01-28 19:01:28.766 [96307] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:01:28.766 [96307] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:01:28.916 [96307] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:01:32.924 [96307] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:01:33.522 [96304] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:01:36.946 [96307] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:01:38.051 [96308] info communicator.cpp::processor processing exited
2026-01-28 19:01:52.053 [96298] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:01:53.053 [96298] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:01:53.063 [97339] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:01:53.063 [97339] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:01:53.063 [97339] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:01:53.063 [97339] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:01:53.063 [97339] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:01:53.171 [97339] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:01:53.226 [97339] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:01:53.407 [97339] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:01:53.407 [97348] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:01:53.407 [97352] info communicator.cpp::processor processing starting
2026-01-28 19:01:53.409 [97349] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:01:58.788 [97349] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:01:58.789 [97349] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:01:58.792 [97351] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:01:58.792 [97351] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:01:58.792 [97351] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:01:58.792 [97351] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:01:58.792 [97351] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:01:58.792 [97351] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:01:58.986 [97351] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:01:58.986 [97351] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:01:58.986 [97351] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:01:58.990 [97351] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:01:59.083 [97351] info client.cpp::callSync []
2026-01-28 19:02:00.087 [97351] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:02:00.088 [97351] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:02:00.212 [97351] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:02:04.217 [97351] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:02:05.930 [97348] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:02:08.236 [97351] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:02:08.711 [97352] info communicator.cpp::processor processing exited
2026-01-28 19:02:22.931 [97339] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:02:23.931 [97339] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:02:23.941 [98244] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:02:23.941 [98244] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:02:23.941 [98244] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:02:23.941 [98244] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:02:23.941 [98244] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:02:24.055 [98244] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:02:24.107 [98244] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:02:24.324 [98244] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:02:24.324 [98259] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:02:24.324 [98263] info communicator.cpp::processor processing starting
2026-01-28 19:02:24.326 [98260] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:02:29.652 [98260] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:02:29.652 [98260] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:02:29.654 [98262] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:02:29.654 [98262] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:02:29.654 [98262] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:02:29.654 [98262] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:02:29.654 [98262] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:02:29.654 [98262] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:02:29.936 [98262] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:02:29.936 [98262] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:02:29.936 [98262] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:02:29.941 [98262] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:02:30.053 [98262] info client.cpp::callSync []
2026-01-28 19:02:31.058 [98262] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:02:31.058 [98262] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:02:31.181 [98262] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:02:33.791 [98259] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:02:35.296 [98263] info communicator.cpp::processor processing exited
2026-01-28 19:02:50.793 [98244] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:02:51.793 [98244] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:02:51.803 [99090] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:02:51.803 [99090] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:02:51.803 [99090] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:02:51.803 [99090] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:02:51.803 [99090] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:02:51.912 [99090] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:02:51.961 [99090] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:02:52.145 [99090] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:02:52.145 [99105] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:02:52.145 [99109] info communicator.cpp::processor processing starting
2026-01-28 19:02:52.147 [99106] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:02:57.470 [99106] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:02:57.470 [99106] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:02:57.472 [99108] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:02:57.472 [99108] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:02:57.472 [99108] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:02:57.472 [99108] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:02:57.472 [99108] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:02:57.472 [99108] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:02:57.664 [99108] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:02:57.664 [99108] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:02:57.664 [99108] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:02:57.669 [99108] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:02:57.761 [99108] info client.cpp::callSync []
2026-01-28 19:02:58.766 [99108] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:02:58.766 [99108] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:02:58.913 [99108] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:03:02.921 [99108] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:03:04.611 [99105] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:03:05.940 [99108] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:03:06.616 [99109] info communicator.cpp::processor processing exited
2026-01-28 19:03:21.612 [99090] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:03:22.612 [99090] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:03:22.621 [100002] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:03:22.622 [100002] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:03:22.622 [100002] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:03:22.622 [100002] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:03:22.622 [100002] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:03:22.731 [100002] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:03:22.780 [100002] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:03:22.957 [100002] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:03:22.957 [100023] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:03:22.957 [100027] info communicator.cpp::processor processing starting
2026-01-28 19:03:22.959 [100024] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:03:25.303 [100024] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:03:25.303 [100024] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:03:26.977 [100026] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:03:26.977 [100026] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:03:26.977 [100026] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:03:26.977 [100026] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:03:26.977 [100026] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:03:26.977 [100026] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:03:27.169 [100026] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:03:27.170 [100026] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:03:27.170 [100026] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:03:27.175 [100026] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:03:27.280 [100026] info client.cpp::callSync []
2026-01-28 19:03:28.286 [100026] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:03:28.286 [100026] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:03:28.434 [100026] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:03:32.441 [100026] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:03:32.443 [100023] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:03:33.897 [100027] info communicator.cpp::processor processing exited
2026-01-28 19:03:49.444 [100002] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:03:50.444 [100002] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:03:50.453 [100890] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:03:50.454 [100890] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:03:50.454 [100890] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:03:50.454 [100890] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:03:50.454 [100890] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:03:50.606 [100890] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:03:50.673 [100890] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:03:50.859 [100890] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:03:50.859 [100908] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:03:50.859 [100912] info communicator.cpp::processor processing starting
2026-01-28 19:03:50.861 [100909] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:03:57.186 [100909] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:03:57.186 [100909] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:03:57.188 [100911] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:03:57.188 [100911] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:03:57.188 [100911] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:03:57.188 [100911] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:03:57.188 [100911] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:03:57.188 [100911] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:03:57.396 [100911] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:03:57.396 [100911] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:03:57.396 [100911] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:03:57.403 [100911] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:03:57.491 [100911] info client.cpp::callSync []
2026-01-28 19:03:58.496 [100911] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:03:58.496 [100911] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:03:58.497 [100911] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:03:58.647 [100911] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:04:02.654 [100911] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:04:03.349 [100908] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:04:06.673 [100911] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:04:07.411 [100912] info communicator.cpp::processor processing exited
2026-01-28 19:04:21.413 [100890] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:04:22.413 [100890] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:04:22.423 [101907] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:04:22.423 [101907] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:04:22.423 [101907] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:04:22.423 [101907] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:04:22.423 [101907] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:04:22.531 [101907] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:04:22.581 [101907] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:04:22.766 [101907] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:04:22.766 [101919] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:04:22.766 [101923] info communicator.cpp::processor processing starting
2026-01-28 19:04:22.768 [101920] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:04:29.123 [101920] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:04:29.123 [101920] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:04:29.126 [101922] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:04:29.126 [101922] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:04:29.126 [101922] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:04:29.126 [101922] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:04:29.126 [101922] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:04:29.126 [101922] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:04:29.322 [101922] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:04:29.322 [101922] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:04:29.322 [101922] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:04:29.327 [101922] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:04:29.438 [101922] info client.cpp::callSync []
2026-01-28 19:04:30.444 [101922] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:04:30.445 [101922] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:04:30.575 [101922] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:04:34.584 [101922] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:04:35.262 [101919] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:04:38.606 [101922] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:04:38.909 [101923] info communicator.cpp::processor processing exited
2026-01-28 19:04:52.911 [101907] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:04:53.911 [101907] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:04:53.920 [102854] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:04:53.920 [102854] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:04:53.920 [102854] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:04:53.920 [102854] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:04:53.920 [102854] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:04:54.028 [102854] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:04:54.077 [102854] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:04:54.250 [102854] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:04:54.251 [102860] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:04:54.251 [102864] info communicator.cpp::processor processing starting
2026-01-28 19:04:54.253 [102861] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:05:00.590 [102861] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:05:00.591 [102861] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:05:00.593 [102863] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:05:00.593 [102863] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:05:00.593 [102863] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:05:00.593 [102863] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:05:00.594 [102863] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:05:00.594 [102863] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:05:00.810 [102863] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:05:00.810 [102863] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:05:00.810 [102863] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:05:00.817 [102863] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:05:00.924 [102863] info client.cpp::callSync []
2026-01-28 19:05:01.931 [102863] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:05:01.931 [102863] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:05:02.036 [102863] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:05:05.736 [102860] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:05:06.045 [102863] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:05:06.752 [102864] info communicator.cpp::processor processing exited
2026-01-28 19:05:22.737 [102854] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:05:23.737 [102854] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:05:23.745 [104004] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:05:23.746 [104004] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:05:23.746 [104004] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:05:23.746 [104004] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:05:23.746 [104004] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:05:23.854 [104004] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:05:23.903 [104004] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:05:24.079 [104004] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:05:24.080 [104016] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:05:24.080 [104020] info communicator.cpp::processor processing starting
2026-01-28 19:05:24.081 [104017] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:05:30.403 [104017] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:05:30.403 [104017] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:05:30.405 [104019] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:05:30.405 [104019] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:05:30.405 [104019] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:05:30.405 [104019] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:05:30.405 [104019] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:05:30.405 [104019] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:05:30.601 [104019] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:05:30.602 [104019] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:05:30.602 [104019] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:05:30.606 [104019] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:05:30.697 [104019] info client.cpp::callSync []
2026-01-28 19:05:31.702 [104019] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:05:31.703 [104019] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:05:31.703 [104019] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:05:31.827 [104019] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:05:34.546 [104016] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:05:35.926 [104020] info communicator.cpp::processor processing exited
2026-01-28 19:05:51.547 [104004] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:05:52.547 [104004] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:05:52.556 [104897] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:05:52.556 [104897] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:05:52.556 [104897] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:05:52.556 [104897] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:05:52.556 [104897] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:05:52.664 [104897] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:05:52.713 [104897] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:05:52.891 [104897] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:05:52.891 [104907] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:05:52.891 [104911] info communicator.cpp::processor processing starting
2026-01-28 19:05:52.893 [104908] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:05:58.220 [104908] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:05:58.221 [104908] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:05:58.223 [104910] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:05:58.223 [104910] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:05:58.223 [104910] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:05:58.223 [104910] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:05:58.223 [104910] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:05:58.223 [104910] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:05:58.433 [104910] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:05:58.433 [104910] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:05:58.433 [104910] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:05:58.438 [104910] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:05:58.557 [104910] info client.cpp::callSync []
2026-01-28 19:05:59.564 [104910] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:05:59.564 [104910] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:05:59.662 [104910] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:06:03.669 [104910] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:06:04.360 [104907] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:06:07.690 [104910] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:06:08.226 [104911] info communicator.cpp::processor processing exited
2026-01-28 19:06:22.227 [104897] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:06:23.227 [104897] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:06:23.238 [105944] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:06:23.238 [105944] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:06:23.238 [105944] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:06:23.238 [105944] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:06:23.238 [105944] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:06:23.347 [105944] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:06:23.397 [105944] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:06:23.575 [105944] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:06:23.576 [105960] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:06:23.576 [105964] info communicator.cpp::processor processing starting
2026-01-28 19:06:23.578 [105961] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:06:29.905 [105961] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:06:29.905 [105961] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:06:29.907 [105963] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:06:29.907 [105963] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:06:29.907 [105963] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:06:29.907 [105963] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:06:29.907 [105963] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:06:29.908 [105963] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:06:30.119 [105963] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:06:30.119 [105963] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:06:30.119 [105963] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:06:30.124 [105963] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:06:30.216 [105963] info client.cpp::callSync []
2026-01-28 19:06:31.221 [105963] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:06:31.221 [105963] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:06:31.355 [105963] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:06:35.363 [105963] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:06:36.043 [105960] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:06:39.382 [105963] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:06:40.093 [105964] info communicator.cpp::processor processing exited
2026-01-28 19:06:54.094 [105944] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:06:55.094 [105944] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:06:55.104 [106829] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:06:55.105 [106829] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:06:55.105 [106829] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:06:55.105 [106829] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:06:55.105 [106829] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:06:55.218 [106829] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:06:55.267 [106829] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:06:55.451 [106829] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:06:55.451 [106854] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:06:55.451 [106858] info communicator.cpp::processor processing starting
2026-01-28 19:06:55.453 [106855] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:07:01.777 [106855] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:07:01.777 [106855] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:07:01.779 [106857] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:07:01.779 [106857] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:07:01.779 [106857] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:07:01.779 [106857] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:07:01.779 [106857] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:07:01.779 [106857] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:07:01.971 [106857] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:07:01.971 [106857] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:07:01.971 [106857] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:07:01.976 [106857] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:07:02.066 [106857] info client.cpp::callSync []
2026-01-28 19:07:03.070 [106857] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:07:03.071 [106857] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:07:03.194 [106857] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:07:07.201 [106857] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:07:07.916 [106854] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:07:11.222 [106857] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:07:12.041 [106858] info communicator.cpp::processor processing exited
2026-01-28 19:07:26.043 [106829] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:07:27.043 [106829] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:07:27.052 [107841] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:07:27.052 [107841] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:07:27.052 [107841] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:07:27.052 [107841] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:07:27.052 [107841] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:07:27.160 [107841] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:07:27.209 [107841] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:07:27.387 [107841] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:07:27.387 [107854] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:07:27.387 [107858] info communicator.cpp::processor processing starting
2026-01-28 19:07:27.389 [107855] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:07:33.709 [107855] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:07:33.709 [107855] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:07:33.711 [107857] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:07:33.711 [107857] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:07:33.711 [107857] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:07:33.711 [107857] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:07:33.711 [107857] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:07:33.711 [107857] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:07:33.906 [107857] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:07:33.906 [107857] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:07:33.906 [107857] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:07:33.911 [107857] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:07:34.007 [107857] info client.cpp::callSync []
2026-01-28 19:07:35.014 [107857] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:07:35.014 [107857] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:07:35.133 [107857] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:07:39.142 [107857] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:07:39.849 [107854] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:07:43.163 [107857] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:07:44.350 [107858] info communicator.cpp::processor processing exited
2026-01-28 19:07:51.350 [107841] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:07:51.360 [108710] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:07:51.360 [108710] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:07:51.360 [108710] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:07:51.360 [108710] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:07:51.360 [108710] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:07:51.468 [108710] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:07:51.516 [108710] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:07:51.687 [108710] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:07:51.687 [108716] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:07:51.687 [108720] info communicator.cpp::processor processing starting
2026-01-28 19:07:51.689 [108717] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:07:58.010 [108717] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:07:58.010 [108717] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:07:58.012 [108719] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:07:58.012 [108719] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:07:58.012 [108719] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:07:58.012 [108719] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:07:58.012 [108719] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:07:58.012 [108719] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:07:58.203 [108719] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:07:58.203 [108719] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:07:58.203 [108719] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:07:58.208 [108719] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:07:58.294 [108719] info client.cpp::callSync []
2026-01-28 19:07:59.299 [108719] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:07:59.299 [108719] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:07:59.443 [108719] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:08:03.452 [108719] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:08:05.154 [108716] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:08:07.472 [108719] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:08:08.172 [108720] info communicator.cpp::processor processing exited
2026-01-28 19:08:22.173 [108710] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:08:23.173 [108710] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:08:23.183 [109745] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:08:23.183 [109745] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:08:23.183 [109745] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:08:23.183 [109745] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:08:23.183 [109745] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:08:23.292 [109745] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:08:23.341 [109745] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:08:23.518 [109745] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:08:23.518 [109757] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:08:23.518 [109761] info communicator.cpp::processor processing starting
2026-01-28 19:08:23.520 [109758] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:08:29.868 [109758] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:08:29.868 [109758] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:08:29.870 [109760] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:08:29.871 [109760] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:08:29.871 [109760] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:08:29.871 [109760] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:08:29.871 [109760] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:08:29.871 [109760] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:08:30.062 [109760] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:08:30.062 [109760] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:08:30.063 [109760] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:08:30.068 [109760] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:08:30.176 [109760] info client.cpp::callSync []
2026-01-28 19:08:31.182 [109760] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:08:31.182 [109760] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:08:31.264 [109760] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:08:35.273 [109760] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:08:36.007 [109757] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:08:39.293 [109760] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:08:40.065 [109761] info communicator.cpp::processor processing exited
2026-01-28 19:08:54.066 [109745] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:08:55.066 [109745] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:08:55.075 [110656] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:08:55.076 [110656] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:08:55.076 [110656] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:08:55.076 [110656] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:08:55.076 [110656] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:08:55.186 [110656] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:08:55.236 [110656] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:08:55.448 [110656] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:08:55.448 [110662] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:08:55.448 [110666] info communicator.cpp::processor processing starting
2026-01-28 19:08:55.450 [110663] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:09:01.774 [110663] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:09:01.775 [110663] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:09:01.777 [110665] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:09:01.777 [110665] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:09:01.777 [110665] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:09:01.777 [110665] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:09:01.777 [110665] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:09:01.777 [110665] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:09:01.971 [110665] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:09:01.971 [110665] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:09:01.971 [110665] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:09:01.976 [110665] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:09:02.067 [110665] info client.cpp::callSync []
2026-01-28 19:09:03.074 [110665] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:09:03.074 [110665] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:09:03.195 [110665] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:09:07.203 [110665] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:09:07.927 [110662] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:09:11.222 [110665] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:09:11.793 [110666] info communicator.cpp::processor processing exited
2026-01-28 19:09:25.794 [110656] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:09:26.794 [110656] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:09:26.803 [111663] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:09:26.803 [111663] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:09:26.803 [111663] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:09:26.803 [111663] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:09:26.803 [111663] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:09:26.912 [111663] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:09:26.962 [111663] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:09:27.141 [111663] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:09:27.141 [111670] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:09:27.141 [111674] info communicator.cpp::processor processing starting
2026-01-28 19:09:27.143 [111671] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:09:33.479 [111671] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:09:33.480 [111671] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:09:33.482 [111673] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:09:33.482 [111673] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:09:33.482 [111673] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:09:33.482 [111673] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:09:33.482 [111673] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:09:33.482 [111673] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:09:33.696 [111673] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:09:33.696 [111673] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:09:33.696 [111673] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:09:33.702 [111673] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:09:33.809 [111673] info client.cpp::callSync []
2026-01-28 19:09:34.816 [111673] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:09:34.816 [111673] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:09:34.918 [111673] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:09:38.926 [111673] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:09:40.628 [111670] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:09:42.945 [111673] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:09:44.051 [111674] info communicator.cpp::processor processing exited
2026-01-28 19:09:58.052 [111663] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:09:59.052 [111663] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:09:59.061 [112583] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:09:59.061 [112583] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:09:59.061 [112583] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:09:59.062 [112583] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:09:59.062 [112583] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:09:59.170 [112583] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:09:59.220 [112583] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:09:59.398 [112583] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:09:59.398 [112604] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:09:59.398 [112608] info communicator.cpp::processor processing starting
2026-01-28 19:09:59.400 [112605] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:10:05.722 [112605] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:10:05.723 [112605] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:10:05.725 [112607] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:10:05.725 [112607] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:10:05.725 [112607] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:10:05.725 [112607] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:10:05.725 [112607] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:10:05.725 [112607] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:10:05.919 [112607] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:10:05.919 [112607] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:10:05.919 [112607] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:10:05.924 [112607] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:10:06.017 [112607] info client.cpp::callSync []
2026-01-28 19:10:07.022 [112607] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:10:07.022 [112607] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:10:07.106 [112607] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:10:10.862 [112604] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:10:11.113 [112607] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:10:11.324 [112608] info communicator.cpp::processor processing exited
2026-01-28 19:10:27.863 [112583] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:10:28.863 [112583] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:10:28.872 [113516] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:10:28.872 [113516] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:10:28.872 [113516] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:10:28.872 [113516] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:10:28.872 [113516] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:10:28.995 [113516] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:10:29.051 [113516] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:10:29.242 [113516] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:10:29.242 [113523] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:10:29.242 [113527] info communicator.cpp::processor processing starting
2026-01-28 19:10:29.244 [113524] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:10:34.570 [113524] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:10:34.571 [113524] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:10:34.573 [113526] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:10:34.573 [113526] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:10:34.573 [113526] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:10:34.573 [113526] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:10:34.573 [113526] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:10:34.573 [113526] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:10:34.767 [113526] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:10:34.767 [113526] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:10:34.767 [113526] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:10:34.773 [113526] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:10:34.880 [113526] info client.cpp::callSync []
2026-01-28 19:10:35.885 [113526] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:10:35.885 [113526] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:10:35.885 [113526] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:10:36.045 [113526] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:10:40.053 [113526] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:10:40.718 [113523] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:10:44.072 [113526] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:10:44.430 [113527] info communicator.cpp::processor processing exited
2026-01-28 19:10:58.431 [113516] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:10:59.431 [113516] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:10:59.441 [114373] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:10:59.441 [114373] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:10:59.441 [114373] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:10:59.441 [114373] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:10:59.441 [114373] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:10:59.618 [114373] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:10:59.683 [114373] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:10:59.866 [114373] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:10:59.866 [114398] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:10:59.867 [114402] info communicator.cpp::processor processing starting
2026-01-28 19:10:59.868 [114399] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:11:05.194 [114399] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:11:05.194 [114399] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:11:05.196 [114401] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:11:05.196 [114401] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:11:05.196 [114401] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:11:05.196 [114401] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:11:05.197 [114401] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:11:05.197 [114401] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:11:05.401 [114401] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:11:05.401 [114401] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:11:05.401 [114401] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:11:05.406 [114401] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:11:05.519 [114401] info client.cpp::callSync []
2026-01-28 19:11:06.525 [114401] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:11:06.525 [114401] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:11:06.607 [114401] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:11:10.334 [114398] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:11:10.615 [114401] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:11:11.325 [114402] info communicator.cpp::processor processing exited
2026-01-28 19:11:27.335 [114373] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:11:28.336 [114373] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:11:28.344 [115296] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:11:28.345 [115296] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:11:28.345 [115296] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:11:28.345 [115296] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:11:28.345 [115296] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:11:28.453 [115296] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:11:28.503 [115296] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:11:28.681 [115296] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:11:28.682 [115302] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:11:28.682 [115306] info communicator.cpp::processor processing starting
2026-01-28 19:11:28.684 [115303] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:11:35.006 [115303] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:11:35.006 [115303] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:11:35.008 [115305] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:11:35.009 [115305] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:11:35.009 [115305] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:11:35.009 [115305] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:11:35.009 [115305] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:11:35.009 [115305] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:11:35.202 [115305] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:11:35.202 [115305] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:11:35.202 [115305] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:11:35.207 [115305] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:11:35.304 [115305] info client.cpp::callSync []
2026-01-28 19:11:36.309 [115305] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:11:36.309 [115305] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:11:36.309 [115305] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:11:36.445 [115305] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:11:40.453 [115305] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:11:42.146 [115302] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:11:44.471 [115305] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:11:45.648 [115306] info communicator.cpp::processor processing exited
2026-01-28 19:11:59.649 [115296] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:12:00.649 [115296] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:12:00.658 [116202] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:12:00.659 [116202] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:12:00.659 [116202] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:12:00.659 [116202] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:12:00.659 [116202] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:12:00.773 [116202] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:12:00.825 [116202] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:12:01.005 [116202] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:12:01.005 [116226] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:12:01.005 [116230] info communicator.cpp::processor processing starting
2026-01-28 19:12:01.007 [116227] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:12:06.346 [116227] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:12:06.346 [116227] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:12:06.350 [116229] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:12:06.350 [116229] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:12:06.350 [116229] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:12:06.350 [116229] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:12:06.350 [116229] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:12:06.350 [116229] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:12:06.638 [116229] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:12:06.638 [116229] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:12:06.638 [116229] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:12:06.643 [116229] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:12:06.735 [116229] info client.cpp::callSync []
2026-01-28 19:12:07.742 [116229] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:12:07.742 [116229] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:12:07.883 [116229] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:12:11.890 [116229] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:12:12.489 [116226] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:12:15.910 [116229] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:12:17.085 [116230] info communicator.cpp::processor processing exited
2026-01-28 19:12:31.086 [116202] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:12:32.086 [116202] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:12:32.095 [117190] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:12:32.095 [117190] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:12:32.095 [117190] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:12:32.095 [117190] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:12:32.095 [117190] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:12:32.204 [117190] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:12:32.253 [117190] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:12:32.428 [117190] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:12:32.428 [117214] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:12:32.428 [117218] info communicator.cpp::processor processing starting
2026-01-28 19:12:32.430 [117215] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:12:38.804 [117215] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:12:38.804 [117215] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:12:38.806 [117217] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:12:38.806 [117217] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:12:38.807 [117217] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:12:38.807 [117217] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:12:38.807 [117217] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:12:38.807 [117217] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:12:39.000 [117217] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:12:39.000 [117217] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:12:39.000 [117217] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:12:39.005 [117217] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:12:39.097 [117217] info client.cpp::callSync []
2026-01-28 19:12:40.102 [117217] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:12:40.102 [117217] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:12:40.250 [117217] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:12:44.258 [117217] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:12:45.941 [117214] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:12:48.283 [117217] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:12:48.881 [117218] info communicator.cpp::processor processing exited
2026-01-28 19:13:02.942 [117190] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:13:03.942 [117190] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:13:03.952 [117746] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:13:03.953 [117746] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:13:03.953 [117746] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:13:03.953 [117746] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:13:03.953 [117746] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:13:04.061 [117746] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:13:04.109 [117746] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:13:04.284 [117746] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:13:04.285 [117752] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:13:04.285 [117756] info communicator.cpp::processor processing starting
2026-01-28 19:13:04.287 [117753] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:13:10.607 [117753] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:13:10.607 [117753] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:13:10.609 [117755] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:13:10.609 [117755] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:13:10.610 [117755] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:13:10.610 [117755] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:13:10.610 [117755] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:13:10.610 [117755] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:13:10.845 [117755] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:13:10.845 [117755] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:13:10.845 [117755] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:13:10.850 [117755] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:13:10.938 [117755] info client.cpp::callSync []
2026-01-28 19:13:11.943 [117755] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:13:11.943 [117755] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:13:12.053 [117755] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:13:16.062 [117755] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:13:17.747 [117752] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:13:20.086 [117755] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:13:21.261 [117756] info communicator.cpp::processor processing exited
2026-01-28 19:13:35.262 [117746] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:13:36.262 [117746] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:13:36.272 [118496] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:13:36.272 [118496] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:13:36.272 [118496] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:13:36.273 [118496] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:13:36.273 [118496] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:13:36.439 [118496] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:13:36.487 [118496] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:13:36.664 [118496] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:13:36.664 [118522] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:13:36.664 [118526] info communicator.cpp::processor processing starting
2026-01-28 19:13:36.666 [118523] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:13:43.010 [118523] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:13:43.010 [118523] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:13:43.014 [118525] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:13:43.014 [118525] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:13:43.014 [118525] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:13:43.014 [118525] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:13:43.014 [118525] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:13:43.014 [118525] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:13:43.214 [118525] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:13:43.214 [118525] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:13:43.214 [118525] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:13:43.219 [118525] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:13:43.311 [118525] info client.cpp::callSync []
2026-01-28 19:13:44.316 [118525] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:13:44.317 [118525] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:13:44.400 [118525] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:13:48.407 [118525] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:13:50.152 [118522] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:13:52.433 [118525] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:13:53.298 [118526] info communicator.cpp::processor processing exited
2026-01-28 19:14:02.298 [118496] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:14:02.309 [119067] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:14:02.310 [119067] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:14:02.310 [119067] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:14:02.310 [119067] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:14:02.310 [119067] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:14:02.418 [119067] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:14:02.466 [119067] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:14:02.641 [119067] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:14:02.642 [119075] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:14:02.642 [119079] info communicator.cpp::processor processing starting
2026-01-28 19:14:02.643 [119076] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:14:08.973 [119076] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:14:08.973 [119076] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:14:08.976 [119078] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:14:08.976 [119078] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:14:08.976 [119078] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:14:08.976 [119078] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:14:08.976 [119078] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:14:08.976 [119078] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:14:09.170 [119078] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:14:09.170 [119078] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:14:09.170 [119078] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:14:09.176 [119078] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:14:09.268 [119078] info client.cpp::callSync []
2026-01-28 19:14:10.274 [119078] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:14:10.274 [119078] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:14:10.417 [119078] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:14:14.140 [119075] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:14:14.424 [119078] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:14:15.065 [119079] info communicator.cpp::processor processing exited
2026-01-28 19:14:31.141 [119067] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:14:32.141 [119067] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:14:32.150 [119585] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:14:32.150 [119585] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:14:32.150 [119585] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:14:32.150 [119585] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:14:32.150 [119585] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:14:32.259 [119585] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:14:32.308 [119585] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:14:32.483 [119585] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:14:32.483 [119591] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:14:32.483 [119595] info communicator.cpp::processor processing starting
2026-01-28 19:14:32.485 [119592] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:14:38.807 [119592] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:14:38.808 [119592] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:14:38.811 [119594] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:14:38.811 [119594] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:14:38.811 [119594] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:14:38.811 [119594] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:14:38.811 [119594] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:14:38.811 [119594] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:14:39.016 [119594] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:14:39.016 [119594] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:14:39.016 [119594] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:14:39.021 [119594] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:14:39.111 [119594] info client.cpp::callSync []
2026-01-28 19:14:40.117 [119594] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:14:40.117 [119594] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:14:40.117 [119594] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:14:40.240 [119594] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:14:44.247 [119594] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:14:44.973 [119591] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:14:48.266 [119594] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:14:49.156 [119595] info communicator.cpp::processor processing exited
2026-01-28 19:15:03.157 [119585] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:15:04.157 [119585] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:15:04.166 [120486] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:15:04.166 [120486] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:15:04.166 [120486] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:15:04.166 [120486] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:15:04.166 [120486] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:15:04.319 [120486] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:15:04.368 [120486] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:15:04.542 [120486] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:15:04.543 [120493] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:15:04.543 [120497] info communicator.cpp::processor processing starting
2026-01-28 19:15:04.544 [120494] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:15:10.864 [120494] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:15:10.864 [120494] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:15:10.866 [120496] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:15:10.866 [120496] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:15:10.866 [120496] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:15:10.866 [120496] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:15:10.866 [120496] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:15:10.866 [120496] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:15:11.060 [120496] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:15:11.060 [120496] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:15:11.060 [120496] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:15:11.064 [120496] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:15:11.177 [120496] info client.cpp::callSync []
2026-01-28 19:15:12.183 [120496] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:15:12.183 [120496] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:15:12.306 [120496] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:15:16.313 [120496] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:15:17.004 [120493] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:15:20.332 [120496] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:15:21.226 [120497] info communicator.cpp::processor processing exited
2026-01-28 19:15:35.227 [120486] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:15:36.227 [120486] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:15:36.236 [121148] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:15:36.237 [121148] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:15:36.237 [121148] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:15:36.237 [121148] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:15:36.237 [121148] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:15:36.345 [121148] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:15:36.395 [121148] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:15:36.572 [121148] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:15:36.573 [121155] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:15:36.573 [121159] info communicator.cpp::processor processing starting
2026-01-28 19:15:36.575 [121156] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:15:41.898 [121156] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:15:41.898 [121156] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:15:41.900 [121158] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:15:41.900 [121158] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:15:41.900 [121158] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:15:41.900 [121158] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:15:41.901 [121158] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:15:41.901 [121158] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:15:42.134 [121158] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:15:42.134 [121158] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:15:42.134 [121158] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:15:42.139 [121158] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:15:42.228 [121158] info client.cpp::callSync []
2026-01-28 19:15:43.233 [121158] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:15:43.233 [121158] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:15:43.345 [121158] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:15:47.353 [121158] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:15:49.039 [121155] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:15:51.373 [121158] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:15:52.181 [121159] info communicator.cpp::processor processing exited
2026-01-28 19:16:06.182 [121148] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:16:07.182 [121148] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:16:07.194 [121962] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:16:07.194 [121962] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:16:07.194 [121962] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:16:07.194 [121962] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:16:07.194 [121962] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:16:07.305 [121962] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:16:07.383 [121962] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:16:07.567 [121962] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:16:07.568 [121978] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:16:07.568 [121982] info communicator.cpp::processor processing starting
2026-01-28 19:16:07.569 [121979] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:16:13.891 [121979] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:16:13.891 [121979] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:16:13.893 [121981] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:16:13.893 [121981] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:16:13.893 [121981] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:16:13.894 [121981] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:16:13.894 [121981] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:16:13.894 [121981] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:16:14.130 [121981] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:16:14.130 [121981] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:16:14.130 [121981] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:16:14.135 [121981] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:16:14.225 [121981] info client.cpp::callSync []
2026-01-28 19:16:15.230 [121981] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:16:15.230 [121981] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:16:15.359 [121981] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:16:19.366 [121981] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:16:21.029 [121978] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:16:23.392 [121981] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:16:23.918 [121982] info communicator.cpp::processor processing exited
2026-01-28 19:16:38.030 [121962] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:16:39.030 [121962] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:16:39.039 [122939] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:16:39.040 [122939] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:16:39.040 [122939] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:16:39.040 [122939] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:16:39.040 [122939] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:16:39.148 [122939] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:16:39.196 [122939] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:16:39.372 [122939] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:16:39.372 [122946] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:16:39.373 [122950] info communicator.cpp::processor processing starting
2026-01-28 19:16:39.374 [122947] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:16:45.693 [122947] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:16:45.693 [122947] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:16:45.695 [122949] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:16:45.695 [122949] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:16:45.695 [122949] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:16:45.695 [122949] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:16:45.696 [122949] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:16:45.696 [122949] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:16:45.889 [122949] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:16:45.889 [122949] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:16:45.889 [122949] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:16:45.894 [122949] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:16:45.985 [122949] info client.cpp::callSync []
2026-01-28 19:16:46.990 [122949] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:16:46.990 [122949] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:16:47.113 [122949] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:16:50.833 [122946] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:16:51.120 [122949] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:16:52.305 [122950] info communicator.cpp::processor processing exited
2026-01-28 19:17:07.834 [122939] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:17:08.834 [122939] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:17:08.843 [124013] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:17:08.843 [124013] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:17:08.843 [124013] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:17:08.843 [124013] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:17:08.843 [124013] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:17:08.951 [124013] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:17:09.001 [124013] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:17:09.174 [124013] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:17:09.175 [124024] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:17:09.175 [124028] info communicator.cpp::processor processing starting
2026-01-28 19:17:09.177 [124025] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:17:15.504 [124025] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:17:15.504 [124025] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:17:15.506 [124027] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:17:15.506 [124027] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:17:15.506 [124027] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:17:15.506 [124027] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:17:15.506 [124027] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:17:15.506 [124027] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:17:15.699 [124027] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:17:15.699 [124027] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:17:15.699 [124027] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:17:15.703 [124027] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:17:15.795 [124027] info client.cpp::callSync []
2026-01-28 19:17:16.800 [124027] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:17:16.800 [124027] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:17:16.800 [124027] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:17:16.931 [124027] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:17:20.939 [124027] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:17:22.643 [124024] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:17:24.959 [124027] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:17:25.631 [124028] info communicator.cpp::processor processing exited
2026-01-28 19:17:39.645 [124013] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:17:40.645 [124013] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:17:40.654 [125004] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:17:40.654 [125004] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:17:40.654 [125004] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:17:40.654 [125004] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:17:40.654 [125004] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:17:40.763 [125004] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:17:40.812 [125004] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:17:40.992 [125004] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:17:40.992 [125030] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:17:40.992 [125034] info communicator.cpp::processor processing starting
2026-01-28 19:17:40.994 [125031] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:17:47.317 [125031] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:17:47.317 [125031] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:17:47.320 [125033] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:17:47.320 [125033] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:17:47.320 [125033] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:17:47.320 [125033] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:17:47.320 [125033] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:17:47.320 [125033] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:17:47.536 [125033] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:17:47.536 [125033] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:17:47.536 [125033] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:17:47.542 [125033] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:17:47.651 [125033] info client.cpp::callSync []
2026-01-28 19:17:48.657 [125033] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:17:48.658 [125033] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:17:48.741 [125033] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:17:52.748 [125033] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:17:54.457 [125030] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:17:56.768 [125033] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:17:57.589 [125034] info communicator.cpp::processor processing exited
2026-01-28 19:18:11.590 [125004] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:18:12.590 [125004] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:18:12.599 [125944] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:18:12.599 [125944] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:18:12.599 [125944] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:18:12.600 [125944] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:18:12.600 [125944] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:18:12.708 [125944] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:18:12.757 [125944] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:18:12.932 [125944] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:18:12.932 [125956] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:18:12.932 [125960] info communicator.cpp::processor processing starting
2026-01-28 19:18:12.934 [125957] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:18:19.350 [125957] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:18:19.350 [125957] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:18:19.352 [125959] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:18:19.352 [125959] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:18:19.352 [125959] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:18:19.352 [125959] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:18:19.352 [125959] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:18:19.352 [125959] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:18:19.564 [125959] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:18:19.564 [125959] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:18:19.564 [125959] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:18:19.571 [125959] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:18:19.663 [125959] info client.cpp::callSync []
2026-01-28 19:18:20.668 [125959] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:18:20.669 [125959] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:18:20.816 [125959] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:18:23.823 [125959] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:18:24.491 [125956] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:18:27.846 [125959] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:18:29.022 [125960] info communicator.cpp::processor processing exited
2026-01-28 19:18:43.023 [125944] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:18:44.023 [125944] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:18:44.034 [126798] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:18:44.035 [126798] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:18:44.035 [126798] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:18:44.035 [126798] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:18:44.035 [126798] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:18:44.143 [126798] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:18:44.193 [126798] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:18:44.376 [126798] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:18:44.376 [126813] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:18:44.377 [126817] info communicator.cpp::processor processing starting
2026-01-28 19:18:44.378 [126814] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:18:50.734 [126814] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:18:50.735 [126814] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:18:50.738 [126816] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:18:50.738 [126816] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:18:50.738 [126816] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:18:50.739 [126816] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:18:50.739 [126816] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:18:50.739 [126816] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:18:50.952 [126816] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:18:50.952 [126816] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:18:50.952 [126816] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:18:50.958 [126816] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:18:51.065 [126816] info client.cpp::callSync []
2026-01-28 19:18:52.072 [126816] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:18:52.072 [126816] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:18:52.190 [126816] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:18:56.198 [126816] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:18:56.877 [126813] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:19:00.217 [126816] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:19:01.055 [126817] info communicator.cpp::processor processing exited
2026-01-28 19:19:15.056 [126798] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:19:16.057 [126798] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:19:16.068 [127822] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:19:16.068 [127822] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:19:16.068 [127822] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:19:16.068 [127822] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:19:16.068 [127822] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:19:16.177 [127822] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:19:16.225 [127822] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:19:16.404 [127822] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:19:16.404 [127829] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:19:16.404 [127833] info communicator.cpp::processor processing starting
2026-01-28 19:19:16.406 [127830] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:19:22.732 [127830] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:19:22.732 [127830] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:19:22.734 [127832] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:19:22.734 [127832] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:19:22.734 [127832] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:19:22.734 [127832] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:19:22.735 [127832] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:19:22.735 [127832] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:19:22.928 [127832] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:19:22.928 [127832] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:19:22.928 [127832] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:19:22.933 [127832] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:19:23.039 [127832] info client.cpp::callSync []
2026-01-28 19:19:24.044 [127832] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:19:24.044 [127832] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:19:24.171 [127832] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:19:28.178 [127832] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:19:28.868 [127829] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:19:32.199 [127832] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:19:32.488 [127833] info communicator.cpp::processor processing exited
2026-01-28 19:19:46.489 [127822] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:19:47.489 [127822] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:19:47.498 [128748] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:19:47.499 [128748] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:19:47.499 [128748] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:19:47.499 [128748] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:19:47.499 [128748] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:19:47.607 [128748] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:19:47.656 [128748] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:19:47.835 [128748] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:19:47.835 [128754] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:19:47.835 [128758] info communicator.cpp::processor processing starting
2026-01-28 19:19:47.837 [128755] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:19:53.167 [128755] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:19:53.167 [128755] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:19:53.169 [128757] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:19:53.169 [128757] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:19:53.169 [128757] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:19:53.169 [128757] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:19:53.170 [128757] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:19:53.170 [128757] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:19:53.362 [128757] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:19:53.362 [128757] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:19:53.362 [128757] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:19:53.367 [128757] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:19:53.454 [128757] info client.cpp::callSync []
2026-01-28 19:19:54.459 [128757] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:19:54.459 [128757] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:19:54.627 [128757] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:19:58.634 [128757] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:20:00.310 [128754] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:20:02.654 [128757] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:20:02.974 [128758] info communicator.cpp::processor processing exited
2026-01-28 19:20:17.311 [128748] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:20:18.311 [128748] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:20:18.321 [129732] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:20:18.321 [129732] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:20:18.322 [129732] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:20:18.322 [129732] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:20:18.322 [129732] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:20:18.431 [129732] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:20:18.480 [129732] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:20:18.672 [129732] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:20:18.672 [129777] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:20:18.672 [129781] info communicator.cpp::processor processing starting
2026-01-28 19:20:18.674 [129778] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:20:24.058 [129778] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:20:24.058 [129778] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:20:24.062 [129780] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:20:24.062 [129780] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:20:24.062 [129780] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:20:24.062 [129780] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:20:24.062 [129780] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:20:24.062 [129780] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:20:24.273 [129780] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:20:24.273 [129780] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:20:24.273 [129780] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:20:24.279 [129780] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:20:24.370 [129780] info client.cpp::callSync []
2026-01-28 19:20:25.375 [129780] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:20:25.375 [129780] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:20:25.518 [129780] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:20:29.527 [129780] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:20:31.203 [129777] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:20:33.553 [129780] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:20:34.725 [129781] info communicator.cpp::processor processing exited
2026-01-28 19:20:48.726 [129732] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:20:49.726 [129732] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:20:49.736 [130660] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:20:49.736 [130660] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:20:49.736 [130660] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:20:49.736 [130660] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:20:49.736 [130660] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:20:49.845 [130660] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:20:49.893 [130660] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:20:50.072 [130660] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:20:50.072 [130667] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:20:50.072 [130671] info communicator.cpp::processor processing starting
2026-01-28 19:20:50.074 [130668] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:20:55.443 [130668] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:20:55.444 [130668] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:20:55.447 [130670] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:20:55.447 [130670] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:20:55.447 [130670] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:20:55.447 [130670] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:20:55.447 [130670] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:20:55.447 [130670] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:20:55.681 [130670] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:20:55.681 [130670] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:20:55.681 [130670] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:20:55.687 [130670] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:20:55.789 [130670] info client.cpp::callSync []
2026-01-28 19:20:56.795 [130670] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:20:56.795 [130670] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:20:56.935 [130670] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:21:00.943 [130670] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:21:01.593 [130667] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:21:04.968 [130670] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:21:06.053 [130671] info communicator.cpp::processor processing exited
2026-01-28 19:21:20.054 [130660] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:21:21.054 [130660] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:21:21.064 [131566] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:21:21.064 [131566] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:21:21.064 [131566] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:21:21.064 [131566] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:21:21.064 [131566] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:21:21.178 [131566] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:21:21.227 [131566] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:21:21.411 [131566] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:21:21.411 [131578] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:21:21.411 [131582] info communicator.cpp::processor processing starting
2026-01-28 19:21:21.413 [131579] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:21:27.734 [131579] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:21:27.735 [131579] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:21:27.737 [131581] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:21:27.737 [131581] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:21:27.737 [131581] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:21:27.737 [131581] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:21:27.737 [131581] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:21:27.737 [131581] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:21:27.930 [131581] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:21:27.931 [131581] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:21:27.931 [131581] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:21:27.937 [131581] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:21:28.027 [131581] info client.cpp::callSync []
2026-01-28 19:21:29.032 [131581] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:21:29.032 [131581] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:21:29.156 [131581] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:21:33.165 [131581] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:21:34.874 [131578] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:21:37.187 [131581] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:21:38.388 [131582] info communicator.cpp::processor processing exited
2026-01-28 19:21:52.389 [131566] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:21:53.389 [131566] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:21:53.398 [132433] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:21:53.398 [132433] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:21:53.398 [132433] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:21:53.398 [132433] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:21:53.398 [132433] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:21:53.506 [132433] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:21:53.555 [132433] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:21:53.732 [132433] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:21:53.732 [132456] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:21:53.732 [132460] info communicator.cpp::processor processing starting
2026-01-28 19:21:53.734 [132457] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:21:59.058 [132457] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:21:59.058 [132457] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:21:59.060 [132459] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:21:59.060 [132459] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:21:59.060 [132459] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:21:59.060 [132459] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:21:59.060 [132459] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:21:59.060 [132459] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:21:59.255 [132459] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:21:59.255 [132459] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:21:59.255 [132459] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:21:59.260 [132459] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:21:59.351 [132459] info client.cpp::callSync []
2026-01-28 19:22:00.356 [132459] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:22:00.356 [132459] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:22:00.501 [132459] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:22:04.506 [132459] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:22:05.237 [132456] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:22:08.532 [132459] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:22:09.143 [132460] info communicator.cpp::processor processing exited
2026-01-28 19:22:23.144 [132433] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:22:24.144 [132433] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:22:24.153 [133443] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:22:24.153 [133443] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:22:24.153 [133443] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:22:24.154 [133443] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:22:24.154 [133443] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:22:24.262 [133443] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:22:24.310 [133443] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:22:24.484 [133443] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:22:24.485 [133454] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:22:24.485 [133458] info communicator.cpp::processor processing starting
2026-01-28 19:22:24.487 [133455] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:22:30.809 [133455] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:22:30.810 [133455] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:22:30.813 [133457] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:22:30.813 [133457] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:22:30.813 [133457] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:22:30.813 [133457] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:22:30.813 [133457] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:22:30.813 [133457] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:22:31.056 [133457] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:22:31.056 [133457] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:22:31.056 [133457] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:22:31.061 [133457] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:22:31.151 [133457] info client.cpp::callSync []
2026-01-28 19:22:32.157 [133457] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:22:32.157 [133457] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:22:32.286 [133457] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:22:36.293 [133457] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:22:36.950 [133454] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:22:40.314 [133457] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:22:41.494 [133458] info communicator.cpp::processor processing exited
2026-01-28 19:22:50.494 [133443] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:22:50.506 [134392] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:22:50.506 [134392] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:22:50.506 [134392] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:22:50.506 [134392] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:22:50.506 [134392] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:22:50.615 [134392] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:22:50.664 [134392] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:22:50.841 [134392] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:22:50.841 [134400] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:22:50.841 [134404] info communicator.cpp::processor processing starting
2026-01-28 19:22:50.843 [134401] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:22:57.167 [134401] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:22:57.168 [134401] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:22:57.170 [134403] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:22:57.170 [134403] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:22:57.170 [134403] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:22:57.170 [134403] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:22:57.170 [134403] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:22:57.170 [134403] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:22:57.384 [134403] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:22:57.384 [134403] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:22:57.384 [134403] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:22:57.390 [134403] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:22:57.498 [134403] info client.cpp::callSync []
2026-01-28 19:22:58.503 [134403] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:22:58.503 [134403] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:22:58.588 [134403] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:23:02.596 [134403] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:23:04.351 [134400] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:23:06.616 [134403] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:23:07.800 [134404] info communicator.cpp::processor processing exited
2026-01-28 19:23:21.801 [134392] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:23:22.801 [134392] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:23:22.810 [135383] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:23:22.811 [135383] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:23:22.811 [135383] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:23:22.811 [135383] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:23:22.811 [135383] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:23:22.927 [135383] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:23:22.980 [135383] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:23:23.178 [135383] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:23:23.178 [135410] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:23:23.178 [135414] info communicator.cpp::processor processing starting
2026-01-28 19:23:23.180 [135411] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:23:29.543 [135411] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:23:29.543 [135411] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:23:29.546 [135413] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:23:29.546 [135413] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:23:29.546 [135413] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:23:29.546 [135413] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:23:29.546 [135413] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:23:29.546 [135413] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:23:29.738 [135413] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:23:29.738 [135413] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:23:29.738 [135413] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:23:29.743 [135413] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:23:29.836 [135413] info client.cpp::callSync []
2026-01-28 19:23:30.841 [135413] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:23:30.841 [135413] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:23:30.927 [135413] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:23:33.683 [135410] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:23:35.028 [135414] info communicator.cpp::processor processing exited
2026-01-28 19:23:50.684 [135383] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:23:51.685 [135383] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:23:51.693 [136343] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:23:51.694 [136343] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:23:51.694 [136343] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:23:51.694 [136343] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:23:51.694 [136343] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:23:51.802 [136343] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:23:51.850 [136343] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:23:52.029 [136343] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:23:52.029 [136349] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:23:52.029 [136353] info communicator.cpp::processor processing starting
2026-01-28 19:23:52.031 [136350] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:23:58.375 [136350] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:23:58.375 [136350] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:23:58.379 [136352] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:23:58.379 [136352] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:23:58.379 [136352] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:23:58.379 [136352] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:23:58.379 [136352] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:23:58.379 [136352] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:23:58.611 [136352] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:23:58.611 [136352] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:23:58.611 [136352] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:23:58.616 [136352] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:23:58.716 [136352] info client.cpp::callSync []
2026-01-28 19:23:59.723 [136352] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:23:59.723 [136352] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:23:59.859 [136352] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:24:03.866 [136352] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:24:04.520 [136349] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:24:07.886 [136352] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:24:08.836 [136353] info communicator.cpp::processor processing exited
2026-01-28 19:24:22.838 [136343] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:24:23.838 [136343] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:24:23.847 [137270] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:24:23.847 [137270] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:24:23.847 [137270] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:24:23.848 [137270] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:24:23.848 [137270] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:24:23.957 [137270] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:24:24.006 [137270] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:24:24.184 [137270] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:24:24.184 [137295] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:24:24.184 [137299] info communicator.cpp::processor processing starting
2026-01-28 19:24:24.186 [137296] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:24:30.511 [137296] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:24:30.511 [137296] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:24:30.513 [137298] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:24:30.513 [137298] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:24:30.513 [137298] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:24:30.513 [137298] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:24:30.513 [137298] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:24:30.514 [137298] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:24:30.731 [137298] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:24:30.731 [137298] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:24:30.731 [137298] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:24:30.737 [137298] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:24:30.844 [137298] info client.cpp::callSync []
2026-01-28 19:24:31.850 [137298] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:24:31.850 [137298] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:24:31.979 [137298] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:24:35.987 [137298] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:24:36.651 [137295] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:24:40.006 [137298] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:24:41.197 [137299] info communicator.cpp::processor processing exited
2026-01-28 19:24:55.198 [137270] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:24:56.198 [137270] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:24:56.208 [138177] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:24:56.208 [138177] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:24:56.208 [138177] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:24:56.208 [138177] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:24:56.208 [138177] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:24:56.317 [138177] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:24:56.367 [138177] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:24:56.553 [138177] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:24:56.553 [138207] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:24:56.553 [138211] info communicator.cpp::processor processing starting
2026-01-28 19:24:56.555 [138208] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:25:02.879 [138208] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:25:02.879 [138208] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:25:02.881 [138210] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:25:02.881 [138210] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:25:02.881 [138210] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:25:02.881 [138210] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:25:02.881 [138210] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:25:02.881 [138210] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:25:03.073 [138210] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:25:03.074 [138210] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:25:03.074 [138210] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:25:03.078 [138210] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:25:03.187 [138210] info client.cpp::callSync []
2026-01-28 19:25:04.194 [138210] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:25:04.194 [138210] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:25:04.339 [138210] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:25:08.347 [138210] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:25:09.021 [138207] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:25:12.370 [138210] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:25:13.567 [138211] info communicator.cpp::processor processing exited
2026-01-28 19:25:27.568 [138177] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:25:28.568 [138177] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:25:28.578 [139225] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:25:28.578 [139225] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:25:28.578 [139225] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:25:28.578 [139225] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:25:28.578 [139225] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:25:28.686 [139225] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:25:28.736 [139225] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:25:28.911 [139225] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:25:28.911 [139237] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:25:28.911 [139241] info communicator.cpp::processor processing starting
2026-01-28 19:25:28.913 [139238] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:25:35.245 [139238] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:25:35.245 [139238] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:25:35.247 [139240] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:25:35.247 [139240] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:25:35.247 [139240] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:25:35.247 [139240] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:25:35.248 [139240] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:25:35.248 [139240] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:25:35.459 [139240] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:25:35.460 [139240] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:25:35.460 [139240] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:25:35.466 [139240] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:25:35.575 [139240] info client.cpp::callSync []
2026-01-28 19:25:36.582 [139240] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:25:36.582 [139240] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:25:36.704 [139240] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:25:40.390 [139237] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:25:40.710 [139240] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:25:41.357 [139241] info communicator.cpp::processor processing exited
2026-01-28 19:25:57.391 [139225] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:25:58.391 [139225] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:25:58.401 [140011] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:25:58.402 [140011] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:25:58.402 [140011] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:25:58.402 [140011] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:25:58.402 [140011] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:25:58.510 [140011] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:25:58.559 [140011] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:25:58.742 [140011] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:25:58.742 [140027] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:25:58.742 [140032] info communicator.cpp::processor processing starting
2026-01-28 19:25:58.744 [140028] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:26:05.104 [140028] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:26:05.104 [140028] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:26:05.107 [140030] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:26:05.107 [140030] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:26:05.107 [140030] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:26:05.107 [140030] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:26:05.108 [140030] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:26:05.108 [140030] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:26:05.314 [140030] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:26:05.314 [140030] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:26:05.314 [140030] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:26:05.319 [140030] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:26:05.424 [140030] info client.cpp::callSync []
2026-01-28 19:26:06.429 [140030] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:26:06.429 [140030] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:26:06.429 [140030] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:26:06.558 [140030] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:26:10.565 [140030] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:26:12.246 [140027] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:26:14.585 [140030] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:26:15.763 [140032] info communicator.cpp::processor processing exited
2026-01-28 19:26:29.764 [140011] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:26:30.764 [140011] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:26:30.775 [140958] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:26:30.776 [140958] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:26:30.776 [140958] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:26:30.776 [140958] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:26:30.776 [140958] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:26:30.926 [140958] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:26:30.976 [140958] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:26:31.154 [140958] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:26:31.154 [140972] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:26:31.154 [140976] info communicator.cpp::processor processing starting
2026-01-28 19:26:31.156 [140973] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:26:35.485 [140973] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:26:35.485 [140973] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:26:35.487 [140975] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:26:35.487 [140975] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:26:35.488 [140975] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:26:35.488 [140975] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:26:35.488 [140975] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:26:35.488 [140975] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:26:35.736 [140975] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:26:35.736 [140975] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:26:35.736 [140975] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:26:35.743 [140975] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:26:35.833 [140975] info client.cpp::callSync []
2026-01-28 19:26:36.838 [140975] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:26:36.838 [140975] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:26:36.982 [140975] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:26:40.990 [140975] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:26:42.624 [140972] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:26:45.013 [140975] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:26:45.583 [140976] info communicator.cpp::processor processing exited
2026-01-28 19:26:59.625 [140958] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:27:00.625 [140958] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:27:00.635 [141912] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:27:00.635 [141912] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:27:00.635 [141912] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:27:00.635 [141912] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:27:00.635 [141912] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:27:00.743 [141912] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:27:00.793 [141912] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:27:00.969 [141912] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:27:00.969 [141927] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:27:00.969 [141931] info communicator.cpp::processor processing starting
2026-01-28 19:27:00.971 [141928] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:27:07.295 [141928] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:27:07.295 [141928] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:27:07.297 [141930] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:27:07.297 [141930] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:27:07.297 [141930] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:27:07.297 [141930] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:27:07.297 [141930] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:27:07.297 [141930] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:27:07.491 [141930] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:27:07.491 [141930] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:27:07.491 [141930] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:27:07.497 [141930] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:27:07.624 [141930] info client.cpp::callSync []
2026-01-28 19:27:08.629 [141930] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:27:08.629 [141930] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:27:08.721 [141930] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:27:12.728 [141930] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:27:13.432 [141927] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:27:16.749 [141930] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:27:17.597 [141931] info communicator.cpp::processor processing exited
2026-01-28 19:27:31.598 [141912] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:27:32.599 [141912] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:27:32.608 [143011] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:27:32.608 [143011] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:27:32.608 [143011] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:27:32.608 [143011] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:27:32.608 [143011] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:27:32.716 [143011] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:27:32.766 [143011] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:27:32.946 [143011] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:27:32.946 [143017] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:27:32.946 [143021] info communicator.cpp::processor processing starting
2026-01-28 19:27:32.948 [143018] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:27:39.270 [143018] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:27:39.271 [143018] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:27:39.273 [143020] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:27:39.273 [143020] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:27:39.273 [143020] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:27:39.273 [143020] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:27:39.273 [143020] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:27:39.273 [143020] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:27:39.491 [143020] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:27:39.491 [143020] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:27:39.491 [143020] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:27:39.496 [143020] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:27:39.584 [143020] info client.cpp::callSync []
2026-01-28 19:27:40.589 [143020] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:27:40.589 [143020] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:27:40.708 [143020] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:27:44.411 [143017] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:27:44.715 [143020] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:27:44.935 [143021] info communicator.cpp::processor processing exited
2026-01-28 19:28:01.413 [143011] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:28:02.413 [143011] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:28:02.422 [143958] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:28:02.422 [143958] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:28:02.422 [143958] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:28:02.422 [143958] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:28:02.422 [143958] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:28:02.531 [143958] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:28:02.580 [143958] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:28:02.757 [143958] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:28:02.757 [143987] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:28:02.757 [143991] info communicator.cpp::processor processing starting
2026-01-28 19:28:02.759 [143988] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:28:08.080 [143988] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:28:08.081 [143988] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:28:08.083 [143990] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:28:08.083 [143990] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:28:08.083 [143990] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:28:08.083 [143990] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:28:08.083 [143990] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:28:08.083 [143990] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:28:08.275 [143990] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:28:08.276 [143990] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:28:08.276 [143990] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:28:08.282 [143990] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:28:08.369 [143990] info client.cpp::callSync []
2026-01-28 19:28:09.373 [143990] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:28:09.374 [143990] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:28:09.374 [143990] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:28:09.514 [143990] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:28:10.249 [143987] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:28:13.631 [143991] info communicator.cpp::processor processing exited
2026-01-28 19:28:27.632 [143958] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:28:28.632 [143958] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:28:28.641 [144954] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:28:28.641 [144954] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:28:28.641 [144954] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:28:28.641 [144954] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:28:28.641 [144954] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:28:28.750 [144954] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:28:28.799 [144954] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:28:28.990 [144954] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:28:28.990 [144973] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:28:28.990 [144977] info communicator.cpp::processor processing starting
2026-01-28 19:28:28.992 [144974] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:28:35.380 [144974] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:28:35.381 [144974] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:28:35.384 [144976] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:28:35.384 [144976] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:28:35.384 [144976] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:28:35.384 [144976] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:28:35.384 [144976] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:28:35.384 [144976] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:28:35.576 [144976] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:28:35.576 [144976] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:28:35.577 [144976] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:28:35.581 [144976] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:28:35.684 [144976] info client.cpp::callSync []
2026-01-28 19:28:36.689 [144976] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:28:36.689 [144976] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:28:36.834 [144976] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:28:40.843 [144976] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:28:42.521 [144973] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:28:44.861 [144976] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:28:45.389 [144977] info communicator.cpp::processor processing exited
2026-01-28 19:28:59.522 [144954] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:29:00.522 [144954] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:29:00.532 [145967] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:29:00.532 [145967] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:29:00.532 [145967] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:29:00.532 [145967] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:29:00.532 [145967] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:29:00.641 [145967] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:29:00.691 [145967] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:29:00.867 [145967] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:29:00.867 [145976] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:29:00.867 [145980] info communicator.cpp::processor processing starting
2026-01-28 19:29:00.869 [145977] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:29:05.190 [145977] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:29:05.191 [145977] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:29:05.193 [145979] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:29:05.193 [145979] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:29:05.193 [145979] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:29:05.193 [145979] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:29:05.193 [145979] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:29:05.193 [145979] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:29:05.384 [145979] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:29:05.384 [145979] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:29:05.384 [145979] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:29:05.389 [145979] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:29:05.476 [145979] info client.cpp::callSync []
2026-01-28 19:29:06.481 [145979] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:29:06.482 [145979] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:29:06.642 [145979] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:29:10.649 [145979] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:29:12.329 [145976] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:29:14.669 [145979] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:29:15.523 [145980] info communicator.cpp::processor processing exited
2026-01-28 19:29:29.524 [145967] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:29:30.524 [145967] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:29:30.533 [146838] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:29:30.534 [146838] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:29:30.534 [146838] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:29:30.534 [146838] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:29:30.534 [146838] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:29:30.642 [146838] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:29:30.692 [146838] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:29:30.871 [146838] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:29:30.872 [146845] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:29:30.872 [146849] info communicator.cpp::processor processing starting
2026-01-28 19:29:30.874 [146846] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:29:37.200 [146846] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:29:37.200 [146846] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:29:37.203 [146848] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:29:37.203 [146848] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:29:37.203 [146848] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:29:37.203 [146848] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:29:37.203 [146848] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:29:37.203 [146848] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:29:37.415 [146848] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:29:37.415 [146848] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:29:37.415 [146848] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:29:37.421 [146848] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:29:37.509 [146848] info client.cpp::callSync []
2026-01-28 19:29:38.514 [146848] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:29:38.514 [146848] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:29:38.648 [146848] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:29:41.347 [146845] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:29:42.741 [146849] info communicator.cpp::processor processing exited
2026-01-28 19:29:58.348 [146838] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:29:59.348 [146838] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:29:59.357 [147567] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:29:59.357 [147567] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:29:59.357 [147567] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:29:59.357 [147567] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:29:59.357 [147567] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:29:59.465 [147567] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:29:59.516 [147567] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:29:59.696 [147567] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:29:59.697 [147595] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:29:59.697 [147599] info communicator.cpp::processor processing starting
2026-01-28 19:29:59.699 [147596] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:30:04.023 [147596] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:30:04.023 [147596] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:30:04.025 [147598] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:30:04.025 [147598] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:30:04.025 [147598] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:30:04.025 [147598] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:30:04.025 [147598] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:30:04.025 [147598] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:30:04.219 [147598] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:30:04.219 [147598] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:30:04.219 [147598] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:30:04.224 [147598] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:30:04.315 [147598] info client.cpp::callSync []
2026-01-28 19:30:05.320 [147598] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:30:05.321 [147598] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:30:05.444 [147598] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:30:09.174 [147595] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:30:09.451 [147598] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:30:10.598 [147599] info communicator.cpp::processor processing exited
2026-01-28 19:30:26.176 [147567] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:30:27.176 [147567] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:30:27.184 [148592] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:30:27.185 [148592] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:30:27.185 [148592] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:30:27.185 [148592] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:30:27.185 [148592] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:30:27.293 [148592] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:30:27.342 [148592] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:30:27.522 [148592] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:30:27.523 [148612] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:30:27.523 [148616] info communicator.cpp::processor processing starting
2026-01-28 19:30:27.524 [148613] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:30:32.851 [148613] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:30:32.851 [148613] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:30:32.855 [148615] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:30:32.855 [148615] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:30:32.855 [148615] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:30:32.855 [148615] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:30:32.855 [148615] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:30:32.855 [148615] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:30:33.050 [148615] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:30:33.050 [148615] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:30:33.050 [148615] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:30:33.057 [148615] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:30:33.177 [148615] info client.cpp::callSync []
2026-01-28 19:30:34.183 [148615] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:30:34.184 [148615] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:30:34.184 [148615] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:30:34.266 [148615] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:30:38.274 [148615] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:30:39.000 [148612] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:30:42.293 [148615] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:30:43.483 [148616] info communicator.cpp::processor processing exited
2026-01-28 19:30:57.484 [148592] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:31:00.098 [148592] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:31:00.109 [149576] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:31:00.109 [149576] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:31:00.109 [149576] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:31:00.109 [149576] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:31:00.109 [149576] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:31:00.220 [149576] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:31:00.269 [149576] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:31:00.454 [149576] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:31:00.455 [149582] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:31:00.455 [149586] info communicator.cpp::processor processing starting
2026-01-28 19:31:00.457 [149583] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:31:06.783 [149583] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:31:06.783 [149583] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:31:06.786 [149585] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:31:06.786 [149585] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:31:06.787 [149585] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:31:06.787 [149585] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:31:06.787 [149585] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:31:06.787 [149585] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:31:07.078 [149585] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:31:07.079 [149585] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:31:07.079 [149585] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:31:07.085 [149585] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:31:07.193 [149585] info client.cpp::callSync []
2026-01-28 19:31:08.199 [149585] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:31:08.200 [149585] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:31:08.321 [149585] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:31:10.928 [149582] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:31:12.426 [149586] info communicator.cpp::processor processing exited
2026-01-28 19:31:27.929 [149576] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:31:28.929 [149576] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:31:28.938 [150500] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:31:28.938 [150500] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:31:28.938 [150500] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:31:28.938 [150500] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:31:28.938 [150500] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:31:29.047 [150500] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:31:29.096 [150500] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:31:29.276 [150500] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:31:29.276 [150515] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:31:29.276 [150519] info communicator.cpp::processor processing starting
2026-01-28 19:31:29.278 [150516] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:31:35.604 [150516] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:31:35.604 [150516] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:31:35.606 [150518] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:31:35.607 [150518] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:31:35.607 [150518] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:31:35.607 [150518] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:31:35.607 [150518] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:31:35.607 [150518] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:31:35.797 [150518] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:31:35.797 [150518] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:31:35.797 [150518] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:31:35.801 [150518] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:31:35.892 [150518] info client.cpp::callSync []
2026-01-28 19:31:36.897 [150518] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:31:36.897 [150518] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:31:37.017 [150518] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:31:41.026 [150518] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:31:42.747 [150515] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:31:45.051 [150518] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:31:46.222 [150519] info communicator.cpp::processor processing exited
2026-01-28 19:32:00.223 [150500] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:32:01.223 [150500] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:32:01.233 [151381] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:32:01.233 [151381] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:32:01.233 [151381] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:32:01.233 [151381] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:32:01.233 [151381] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:32:01.342 [151381] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:32:01.390 [151381] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:32:01.566 [151381] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:32:01.566 [151387] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:32:01.566 [151391] info communicator.cpp::processor processing starting
2026-01-28 19:32:01.568 [151388] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:32:07.892 [151388] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:32:07.892 [151388] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:32:07.894 [151390] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:32:07.894 [151390] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:32:07.894 [151390] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:32:07.894 [151390] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:32:07.894 [151390] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:32:07.894 [151390] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:32:08.102 [151390] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:32:08.102 [151390] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:32:08.102 [151390] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:32:08.107 [151390] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:32:08.194 [151390] info client.cpp::callSync []
2026-01-28 19:32:09.199 [151390] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:32:09.199 [151390] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:32:09.337 [151390] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:32:13.346 [151390] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:32:14.032 [151387] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:32:17.373 [151390] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:32:18.375 [151391] info communicator.cpp::processor processing exited
2026-01-28 19:32:23.375 [151381] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:32:23.385 [152040] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:32:23.385 [152040] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:32:23.385 [152040] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:32:23.385 [152040] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:32:23.385 [152040] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:32:23.496 [152040] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:32:23.576 [152040] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:32:23.785 [152040] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:32:23.785 [152052] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:32:23.785 [152056] info communicator.cpp::processor processing starting
2026-01-28 19:32:23.787 [152053] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:32:30.114 [152053] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:32:30.114 [152053] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:32:30.116 [152055] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:32:30.116 [152055] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:32:30.116 [152055] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:32:30.116 [152055] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:32:30.117 [152055] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:32:30.117 [152055] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:32:30.331 [152055] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:32:30.331 [152055] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:32:30.331 [152055] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:32:30.336 [152055] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:32:30.426 [152055] info client.cpp::callSync []
2026-01-28 19:32:31.431 [152055] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:32:31.432 [152055] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:32:31.576 [152055] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:32:35.583 [152055] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:32:36.255 [152052] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:32:39.602 [152055] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:32:39.806 [152056] info communicator.cpp::processor processing exited
2026-01-28 19:32:53.807 [152040] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:32:54.807 [152040] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:32:54.817 [153044] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:32:54.817 [153044] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:32:54.817 [153044] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:32:54.817 [153044] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:32:54.817 [153044] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:32:54.939 [153044] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:32:55.018 [153044] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:32:55.211 [153044] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:32:55.212 [153052] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:32:55.212 [153056] info communicator.cpp::processor processing starting
2026-01-28 19:32:55.213 [153053] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:33:01.557 [153053] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:33:01.557 [153053] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:33:01.559 [153055] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:33:01.560 [153055] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:33:01.560 [153055] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:33:01.560 [153055] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:33:01.560 [153055] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:33:01.560 [153055] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:33:01.772 [153055] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:33:01.772 [153055] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:33:01.772 [153055] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:33:01.777 [153055] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:33:01.890 [153055] info client.cpp::callSync []
2026-01-28 19:33:02.896 [153055] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:33:02.896 [153055] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:33:03.017 [153055] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:33:07.024 [153055] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:33:08.734 [153052] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:33:11.045 [153055] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:33:11.363 [153056] info communicator.cpp::processor processing exited
2026-01-28 19:33:25.735 [153044] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:33:26.735 [153044] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:33:26.744 [154140] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:33:26.744 [154140] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:33:26.744 [154140] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:33:26.744 [154140] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:33:26.744 [154140] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:33:26.854 [154140] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:33:26.904 [154140] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:33:27.110 [154140] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:33:27.110 [154176] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:33:27.110 [154180] info communicator.cpp::processor processing starting
2026-01-28 19:33:27.112 [154177] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:33:32.434 [154177] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:33:32.435 [154177] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:33:32.437 [154179] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:33:32.437 [154179] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:33:32.437 [154179] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:33:32.437 [154179] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:33:32.437 [154179] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:33:32.437 [154179] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:33:32.629 [154179] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:33:32.629 [154179] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:33:32.629 [154179] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:33:32.634 [154179] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:33:32.725 [154179] info client.cpp::callSync []
2026-01-28 19:33:33.730 [154179] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:33:33.730 [154179] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:33:33.883 [154179] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:33:37.892 [154179] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:33:39.575 [154176] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:33:41.915 [154179] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:33:43.003 [154180] info communicator.cpp::processor processing exited
2026-01-28 19:33:57.004 [154140] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:33:58.004 [154140] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:33:58.015 [155161] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:33:58.015 [155161] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:33:58.015 [155161] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:33:58.015 [155161] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:33:58.015 [155161] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:33:58.129 [155161] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:33:58.181 [155161] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:33:58.359 [155161] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:33:58.359 [155177] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:33:58.359 [155181] info communicator.cpp::processor processing starting
2026-01-28 19:33:58.361 [155178] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:34:03.709 [155178] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:34:03.710 [155178] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:34:03.712 [155180] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:34:03.712 [155180] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:34:03.712 [155180] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:34:03.712 [155180] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:34:03.712 [155180] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:34:03.712 [155180] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:34:03.926 [155180] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:34:03.926 [155180] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:34:03.926 [155180] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:34:03.933 [155180] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:34:04.059 [155180] info client.cpp::callSync []
2026-01-28 19:34:05.064 [155180] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:34:05.064 [155180] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:34:05.206 [155180] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:34:09.215 [155180] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:34:09.856 [155177] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:34:13.235 [155180] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:34:13.700 [155181] info communicator.cpp::processor processing exited
2026-01-28 19:34:27.701 [155161] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:34:28.701 [155161] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:34:28.711 [156166] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:34:28.711 [156166] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:34:28.711 [156166] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:34:28.711 [156166] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:34:28.711 [156166] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:34:28.870 [156166] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:34:28.919 [156166] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:34:29.089 [156166] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:34:29.089 [156173] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:34:29.089 [156177] info communicator.cpp::processor processing starting
2026-01-28 19:34:29.091 [156174] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:34:35.412 [156174] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:34:35.412 [156174] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:34:35.415 [156176] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:34:35.415 [156176] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:34:35.415 [156176] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:34:35.415 [156176] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:34:35.415 [156176] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:34:35.415 [156176] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:34:35.619 [156176] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:34:35.619 [156176] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:34:35.619 [156176] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:34:35.624 [156176] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:34:35.717 [156176] info client.cpp::callSync []
2026-01-28 19:34:36.722 [156176] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:34:36.722 [156176] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:34:36.871 [156176] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:34:40.878 [156176] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:34:42.553 [156173] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:34:44.898 [156176] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:34:45.975 [156177] info communicator.cpp::processor processing exited
2026-01-28 19:34:59.976 [156166] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:35:00.976 [156166] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:35:00.986 [157054] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:35:00.986 [157054] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:35:00.986 [157054] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:35:00.986 [157054] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:35:00.986 [157054] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:35:01.094 [157054] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:35:01.144 [157054] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:35:01.330 [157054] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:35:01.330 [157089] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:35:01.331 [157093] info communicator.cpp::processor processing starting
2026-01-28 19:35:01.332 [157090] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:35:07.657 [157090] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:35:07.657 [157090] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:35:07.659 [157092] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:35:07.659 [157092] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:35:07.659 [157092] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:35:07.659 [157092] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:35:07.660 [157092] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:35:07.660 [157092] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:35:07.872 [157092] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:35:07.872 [157092] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:35:07.872 [157092] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:35:07.877 [157092] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:35:07.965 [157092] info client.cpp::callSync []
2026-01-28 19:35:08.970 [157092] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:35:08.970 [157092] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:35:09.121 [157092] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:35:13.129 [157092] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:35:14.799 [157089] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:35:17.148 [157092] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:35:17.586 [157093] info communicator.cpp::processor processing exited
2026-01-28 19:35:31.800 [157054] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:35:32.800 [157054] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:35:32.809 [157960] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:35:32.810 [157960] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:35:32.810 [157960] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:35:32.810 [157960] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:35:32.810 [157960] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:35:32.918 [157960] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:35:32.967 [157960] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:35:33.149 [157960] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:35:33.149 [157967] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:35:33.149 [157971] info communicator.cpp::processor processing starting
2026-01-28 19:35:33.151 [157968] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:35:39.485 [157968] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:35:39.485 [157968] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:35:39.488 [157970] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:35:39.488 [157970] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:35:39.488 [157970] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:35:39.488 [157970] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:35:39.488 [157970] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:35:39.488 [157970] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:35:39.701 [157970] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:35:39.702 [157970] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:35:39.702 [157970] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:35:39.709 [157970] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:35:39.795 [157970] info client.cpp::callSync []
2026-01-28 19:35:40.800 [157970] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:35:40.800 [157970] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:35:40.899 [157970] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:35:44.906 [157970] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:35:46.627 [157967] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:35:48.926 [157970] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:35:50.013 [157971] info communicator.cpp::processor processing exited
2026-01-28 19:36:04.014 [157960] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:36:05.014 [157960] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:36:05.025 [159061] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:36:05.025 [159061] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:36:05.025 [159061] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:36:05.025 [159061] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:36:05.025 [159061] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:36:05.134 [159061] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:36:05.183 [159061] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:36:05.371 [159061] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:36:05.371 [159069] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:36:05.371 [159073] info communicator.cpp::processor processing starting
2026-01-28 19:36:05.373 [159070] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:36:11.704 [159070] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:36:11.704 [159070] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:36:11.707 [159072] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:36:11.707 [159072] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:36:11.707 [159072] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:36:11.707 [159072] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:36:11.707 [159072] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:36:11.707 [159072] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:36:11.899 [159072] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:36:11.899 [159072] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:36:11.899 [159072] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:36:11.905 [159072] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:36:11.997 [159072] info client.cpp::callSync []
2026-01-28 19:36:13.002 [159072] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:36:13.002 [159072] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:36:13.144 [159072] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:36:17.149 [159072] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:36:18.845 [159069] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:36:21.172 [159072] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:36:21.743 [159073] info communicator.cpp::processor processing exited
2026-01-28 19:36:35.846 [159061] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:36:36.846 [159061] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:36:36.855 [160028] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:36:36.856 [160028] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:36:36.856 [160028] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:36:36.856 [160028] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:36:36.856 [160028] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:36:36.964 [160028] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:36:37.014 [160028] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:36:37.204 [160028] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:36:37.204 [160041] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:36:37.204 [160045] info communicator.cpp::processor processing starting
2026-01-28 19:36:37.204 [160042] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:36:42.544 [160042] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:36:42.544 [160042] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:36:42.548 [160044] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:36:42.548 [160044] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:36:42.548 [160044] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:36:42.548 [160044] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:36:42.548 [160044] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:36:42.548 [160044] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:36:42.802 [160044] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:36:42.802 [160044] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:36:42.802 [160044] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:36:42.809 [160044] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:36:42.926 [160044] info client.cpp::callSync []
2026-01-28 19:36:43.932 [160044] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:36:43.932 [160044] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:36:44.053 [160044] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:36:48.061 [160044] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:36:49.687 [160041] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:36:52.083 [160044] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:36:52.581 [160045] info communicator.cpp::processor processing exited
2026-01-28 19:37:06.688 [160028] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:37:07.689 [160028] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:37:07.698 [160977] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:37:07.698 [160977] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:37:07.698 [160977] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:37:07.698 [160977] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:37:07.698 [160977] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:37:07.806 [160977] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:37:07.855 [160977] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:37:08.028 [160977] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:37:08.028 [160986] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:37:08.028 [160990] info communicator.cpp::processor processing starting
2026-01-28 19:37:08.030 [160987] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:37:14.355 [160987] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:37:14.355 [160987] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:37:14.357 [160989] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:37:14.357 [160989] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:37:14.357 [160989] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:37:14.357 [160989] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:37:14.357 [160989] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:37:14.357 [160989] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:37:14.551 [160989] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:37:14.551 [160989] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:37:14.551 [160989] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:37:14.556 [160989] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:37:14.647 [160989] info client.cpp::callSync []
2026-01-28 19:37:15.652 [160989] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:37:15.652 [160989] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:37:15.782 [160989] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:37:19.790 [160989] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:37:21.502 [160986] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:37:23.810 [160989] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:37:24.668 [160990] info communicator.cpp::processor processing exited
2026-01-28 19:37:38.669 [160977] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:37:39.670 [160977] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:37:39.679 [161942] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:37:39.679 [161942] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:37:39.679 [161942] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:37:39.679 [161942] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:37:39.679 [161942] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:37:39.808 [161942] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:37:39.885 [161942] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:37:40.090 [161942] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:37:40.091 [161956] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:37:40.091 [161960] info communicator.cpp::processor processing starting
2026-01-28 19:37:40.093 [161957] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:37:45.414 [161957] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:37:45.414 [161957] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:37:45.417 [161959] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:37:45.417 [161959] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:37:45.417 [161959] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:37:45.417 [161959] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:37:45.417 [161959] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:37:45.417 [161959] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:37:45.609 [161959] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:37:45.609 [161959] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:37:45.609 [161959] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:37:45.614 [161959] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:37:45.703 [161959] info client.cpp::callSync []
2026-01-28 19:37:46.708 [161959] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:37:46.708 [161959] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:37:46.852 [161959] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:37:50.859 [161959] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:37:52.562 [161956] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:37:54.878 [161959] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:37:55.417 [161960] info communicator.cpp::processor processing exited
2026-01-28 19:38:09.563 [161942] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:38:10.563 [161942] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:38:10.572 [162908] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:38:10.573 [162908] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:38:10.573 [162908] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:38:10.573 [162908] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:38:10.573 [162908] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:38:10.683 [162908] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:38:10.732 [162908] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:38:10.926 [162908] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:38:10.926 [162917] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:38:10.926 [162921] info communicator.cpp::processor processing starting
2026-01-28 19:38:10.928 [162918] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:38:17.258 [162918] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:38:17.259 [162918] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:38:17.261 [162920] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:38:17.261 [162920] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:38:17.261 [162920] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:38:17.261 [162920] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:38:17.261 [162920] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:38:17.261 [162920] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:38:17.535 [162920] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:38:17.535 [162920] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:38:17.535 [162920] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:38:17.540 [162920] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:38:17.634 [162920] info client.cpp::callSync []
2026-01-28 19:38:18.639 [162920] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:38:18.639 [162920] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:38:18.795 [162920] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:38:22.803 [162920] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:38:24.399 [162917] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:38:26.830 [162920] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:38:27.435 [162921] info communicator.cpp::processor processing exited
2026-01-28 19:38:41.436 [162908] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:38:42.436 [162908] info mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:38:42.447 [163871] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.84 **************
2026-01-28 19:38:42.447 [163871] info mbdaemon.cpp::main logLevel is info
2026-01-28 19:38:42.447 [163871] info mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:38:42.447 [163871] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:38:42.447 [163871] info sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:38:42.561 [163871] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:38:42.611 [163871] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:38:42.807 [163871] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:38:42.807 [163894] info telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:38:42.807 [163898] info communicator.cpp::processor processing starting
2026-01-28 19:38:42.807 [163895] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:38:48.141 [163895] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:38:48.141 [163895] info update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:38:48.143 [163897] warn serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:38:48.143 [163897] warn serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:38:48.143 [163897] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:38:48.143 [163897] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:38:48.143 [163897] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:38:48.143 [163897] info sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:38:48.337 [163897] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:38:48.337 [163897] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:38:48.337 [163897] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:38:48.342 [163897] info schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:38:48.434 [163897] info client.cpp::callSync []
2026-01-28 19:38:49.439 [163897] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:38:49.439 [163897] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:38:49.573 [163897] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:38:53.580 [163897] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}