| Current File : //var/log/mbdaemon.log |
2026-03-18 07:01:19.557 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366420221952, \"freespace_total\": 366420221952, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 730054557696, \"freespace_total\": 730054557696, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5511192576, \"free_virtual\": 8346923008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-18 07:01:19.616 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-18 08:08:45.754 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 08:08:45.843 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 09:33:21.845 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 09:33:21.931 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 11:33:57.933 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 11:33:58.020 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 13:28:16.022 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 13:28:16.110 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 14:29:35.734 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-18 14:29:37.088 [1423] info sirius.cpp::downloadUpdates No available packages to update
2026-03-18 14:29:37.091 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-18 14:29:37.091 [1423] info on_timer.cpp::update No agent updates available
2026-03-18 14:29:37.091 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-18 14:29:37.240 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-18 14:29:37.240 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-18 14:29:37.526 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-18 14:29:37.682 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108044
2026-03-18 14:29:38.773 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108044
2026-03-18 14:29:38.773 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108044
2026-03-18 14:29:38.970 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-18 14:29:39.110 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-18 14:29:39.111 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-18 14:29:39.257 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-18 14:29:39.260 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-18 14:52:52.112 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 14:52:52.200 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 16:30:58.202 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 16:30:58.289 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 18:22:34.290 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 18:22:34.379 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 20:04:17.391 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 20:04:17.478 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 21:23:29.479 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 21:23:29.567 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 22:59:47.570 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 22:59:50.898 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 00:03:20.005 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-19 00:03:20.148 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-19 00:03:20.148 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-19 00:03:20.148 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-19 00:03:21.159 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6f872ff006cfb7f749a3c08c69ba24c8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-19 00:03:21.160 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-19 00:03:21.160 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-19 00:03:21.275 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1773893001
2026-03-19 00:03:21.275 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773893001
2026-03-19 00:03:21.275 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-19 00:03:21.276 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-19 00:03:21.276 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-19 00:54:09.107 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 00:54:09.194 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 00:54:55.053 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-19 00:54:55.198 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-19 00:54:55.198 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-19 00:54:55.198 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-19 00:54:56.210 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "4795350d84c167ee82477430c07b0130:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-19 00:54:56.210 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-19 00:54:56.210 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-19 00:54:56.334 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1773896096
2026-03-19 00:54:56.334 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773896096
2026-03-19 00:54:56.334 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-19 00:54:56.335 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-19 00:54:56.335 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-19 02:01:58.263 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-19 02:17:36.123 [1425] info on_nebula.cpp::handle Scan complete, duration: 938
2026-03-19 02:17:36.128 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-19 02:17:36.130 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 02:17:36.260 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 03:28:42.261 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 03:28:42.349 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 04:47:00.350 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 04:47:00.439 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 06:01:42.440 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 06:01:42.530 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 07:01:00.918 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-19 07:01:00.918 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-19 07:01:00.918 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-19 07:01:00.918 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-19 07:01:00.919 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-19 07:01:00.919 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-19 07:01:12.044 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-19 07:01:13.057 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-19 07:01:20.826 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366381244416, \"freespace_total\": 366381244416, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 729066582016, \"freespace_total\": 729066582016, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10148429824, \"free_virtual\": 8332767232, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-03-19 07:01:21.191 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-19 07:01:21.193 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 07:01:21.332 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 08:39:27.333 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 08:39:27.420 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 10:25:39.421 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 10:25:39.510 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 11:33:09.512 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 11:33:09.600 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 12:40:40.613 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 12:40:40.701 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 14:13:22.703 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 14:13:22.814 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 14:29:44.500 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-19 14:29:46.855 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "4795350d84c167ee82477430c07b0130:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-19 14:29:49.900 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-19 14:29:49.900 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-19 14:29:49.900 [1423] info on_timer.cpp::update No agent updates available
2026-03-19 14:29:49.900 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-19 14:29:50.045 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-19 14:29:50.045 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-19 14:29:50.323 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-19 14:29:50.393 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108060
2026-03-19 14:29:51.420 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108060
2026-03-19 14:29:51.421 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108060
2026-03-19 14:29:51.508 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-19 14:29:51.664 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-19 14:29:51.665 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-19 14:29:51.814 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-19 14:29:51.815 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-19 14:30:14.956 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "4795350d84c167ee82477430c07b0130:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-19 15:19:58.817 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 15:19:58.928 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 16:36:28.929 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 16:36:29.018 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 18:26:17.019 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 18:26:17.108 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 20:04:23.109 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 20:04:23.197 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 21:32:35.198 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 21:32:35.304 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 22:46:23.306 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 22:46:23.394 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-19 23:57:29.395 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-19 23:57:34.041 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 00:58:46.042 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 00:58:46.156 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 02:01:59.209 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-20 02:18:34.521 [1425] info on_nebula.cpp::handle Scan complete, duration: 995
2026-03-20 02:18:34.523 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-20 02:18:34.524 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 02:18:34.664 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 04:10:11.677 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 04:10:11.766 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 05:59:59.767 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 05:59:59.857 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 07:00:58.011 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-20 07:00:58.011 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-20 07:00:58.011 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-20 07:00:58.011 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-20 07:00:58.012 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-20 07:00:58.012 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-20 07:01:09.151 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-20 07:01:10.163 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-20 07:01:18.590 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 365741457408, \"freespace_total\": 365741457408, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 728272240640, \"freespace_total\": 728272240640, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13190463488, \"free_virtual\": 8347185152, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-03-20 07:01:18.640 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-20 07:01:18.641 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 07:01:18.730 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 08:52:00.731 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 08:52:00.821 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 10:37:18.822 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 10:37:18.937 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 11:00:26.078 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-20 11:00:26.727 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-20 11:00:26.728 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-20 11:00:26.728 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-20 11:00:28.818 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f49595bee4c6c71a584e73c175ce0a24:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-20 11:00:28.819 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-20 11:00:28.819 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-20 11:00:28.999 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774018828
2026-03-20 11:00:29.000 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774018828
2026-03-20 11:00:29.000 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-20 11:00:29.001 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-20 11:00:29.002 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-20 12:10:54.939 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 12:10:55.028 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 12:23:40.074 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-20 12:23:40.222 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-20 12:23:40.222 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-20 12:23:40.222 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-20 12:23:42.019 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "5790c0f99aacbec10cfb4560e2400635:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-20 12:23:42.019 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-20 12:23:42.019 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-20 12:23:42.150 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774023822
2026-03-20 12:23:42.150 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774023822
2026-03-20 12:23:42.150 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-20 12:23:42.151 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-20 12:23:42.152 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-20 14:00:44.041 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 14:00:44.129 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 14:18:11.360 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-20 14:18:11.597 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-20 14:18:11.598 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-20 14:18:11.598 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-20 14:18:11.990 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7fdb57e3dcdd36f0c13b52a97efb0957:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-20 14:18:11.993 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-20 14:18:11.993 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-20 14:18:12.144 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774030691
2026-03-20 14:18:12.144 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774030691
2026-03-20 14:18:12.144 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-20 14:18:12.145 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-20 14:18:12.149 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-20 14:29:55.970 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-20 14:29:59.228 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7fdb57e3dcdd36f0c13b52a97efb0957:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-20 14:30:01.502 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-20 14:30:01.502 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-20 14:30:01.502 [1423] info on_timer.cpp::update No agent updates available
2026-03-20 14:30:01.502 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-20 14:30:01.654 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-20 14:30:01.655 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-20 14:30:02.159 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-20 14:30:02.242 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108072
2026-03-20 14:30:03.257 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108072
2026-03-20 14:30:03.257 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108072
2026-03-20 14:30:03.383 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-20 14:30:03.510 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-20 14:30:03.510 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-20 14:30:03.655 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-20 14:30:03.658 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-20 14:30:15.297 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7fdb57e3dcdd36f0c13b52a97efb0957:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-20 15:45:08.338 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 15:45:08.427 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 16:03:20.524 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-20 16:03:20.664 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-20 16:03:20.664 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-20 16:03:20.664 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-20 16:03:22.982 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "add953f5cb9e8fd8f82da83c3d4e194d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-20 16:03:22.983 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-20 16:03:22.983 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-20 16:03:23.140 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774037002
2026-03-20 16:03:23.140 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774037002
2026-03-20 16:03:23.140 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-20 16:03:23.140 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-20 16:03:23.142 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-20 17:21:27.439 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 17:21:27.528 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 18:46:03.529 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 18:46:03.616 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 20:45:45.617 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 20:45:45.705 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 22:22:57.707 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 22:22:57.794 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-20 23:55:39.796 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-20 23:55:39.886 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 01:31:57.888 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 01:31:57.977 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 02:02:00.050 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-21 02:17:16.015 [1425] info on_nebula.cpp::handle Scan complete, duration: 916
2026-03-21 02:17:16.019 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-21 02:17:16.021 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 02:17:16.166 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 03:51:47.178 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 03:51:47.268 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 05:01:59.269 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 05:01:59.360 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 06:02:17.361 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 06:02:17.465 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 07:00:59.507 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-21 07:00:59.508 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-21 07:00:59.508 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-21 07:00:59.508 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-21 07:00:59.508 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-21 07:00:59.508 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-21 07:01:10.656 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-21 07:01:11.668 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-21 07:01:19.857 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364705198080, \"freespace_total\": 364705198080, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 728955871232, \"freespace_total\": 728955871232, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8970174464, \"free_virtual\": 8431333376, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-21 07:01:19.887 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-21 07:36:47.662 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 07:36:47.749 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 09:30:11.751 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 09:30:11.869 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 10:56:35.870 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 10:56:35.974 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 12:14:53.976 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 12:14:54.063 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 13:32:18.065 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 13:32:18.155 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 14:30:07.940 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-21 14:30:10.209 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "add953f5cb9e8fd8f82da83c3d4e194d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-21 14:30:14.224 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "add953f5cb9e8fd8f82da83c3d4e194d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-21 14:30:14.357 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-21 14:30:14.358 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-21 14:30:14.358 [1423] info on_timer.cpp::update No agent updates available
2026-03-21 14:30:14.358 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-21 14:30:14.538 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-21 14:30:14.538 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-21 14:30:15.077 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-21 14:30:15.154 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108088
2026-03-21 14:30:16.149 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108088
2026-03-21 14:30:16.149 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108088
2026-03-21 14:30:16.340 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-21 14:30:16.479 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-21 14:30:16.479 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-21 14:30:16.625 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-21 14:30:16.634 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-21 14:47:00.157 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 14:47:00.265 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 16:31:24.266 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 16:31:24.354 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 17:45:12.355 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 17:45:12.444 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 18:46:24.445 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 18:46:24.532 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 19:43:43.461 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-21 19:43:43.605 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-21 19:43:43.605 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-21 19:43:43.605 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-21 19:43:44.617 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8f2878ceade46ea0fd6496a212cc233c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-21 19:43:44.617 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-21 19:43:44.617 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-21 19:43:44.719 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774136624
2026-03-21 19:43:44.719 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774136624
2026-03-21 19:43:44.719 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-21 19:43:44.720 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-21 19:43:44.720 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-21 20:04:42.533 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 20:04:42.619 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 21:12:12.621 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 21:12:12.710 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 22:38:36.712 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 22:38:48.253 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-21 23:40:00.255 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-21 23:40:00.342 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 00:55:27.329 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-22 00:55:49.795 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-22 00:55:49.795 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-22 00:55:49.795 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-22 00:55:49.811 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8dc01a5a656f45d850cb7a1404c5eb74:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-22 00:55:49.812 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-22 00:55:49.812 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-22 00:55:49.967 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774155349
2026-03-22 00:55:49.967 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774155349
2026-03-22 00:55:49.967 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-22 00:55:49.967 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-22 00:55:49.967 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-22 00:55:50.418 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 00:55:50.505 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 02:10:32.908 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 02:10:32.998 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 03:27:56.999 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 03:27:57.087 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 05:10:33.089 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 05:10:33.179 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 06:19:51.180 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 06:19:55.217 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 07:40:55.219 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 07:40:55.323 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 09:32:31.324 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 09:32:31.412 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 11:07:55.413 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 11:07:55.502 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 13:00:25.504 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 13:00:25.591 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 14:30:21.425 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-22 14:30:24.888 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-22 14:30:24.889 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-22 14:30:24.889 [1423] info on_timer.cpp::update No agent updates available
2026-03-22 14:30:24.889 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-22 14:30:25.099 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-22 14:30:25.099 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-22 14:30:25.386 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-22 14:30:25.459 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108112
2026-03-22 14:30:26.510 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108112
2026-03-22 14:30:26.510 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108112
2026-03-22 14:30:26.631 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-22 14:30:26.929 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-22 14:30:26.929 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-22 14:30:27.098 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-22 14:30:27.107 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-22 14:41:14.604 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 14:41:14.693 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 16:31:03.707 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 16:31:03.806 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 17:46:39.807 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 17:46:39.895 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 19:19:21.896 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 19:19:22.009 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 20:57:28.411 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 20:57:28.500 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-22 22:22:58.502 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-22 22:22:58.589 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 00:07:23.601 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 00:07:23.690 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 01:43:41.892 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 01:43:41.981 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 02:01:58.055 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-23 02:33:03.828 [1425] info on_nebula.cpp::handle Scan complete, duration: 1865
2026-03-23 02:33:03.897 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-23 02:33:03.898 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 02:33:04.016 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 03:45:04.231 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 03:45:04.321 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 05:07:52.323 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 05:07:52.410 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 06:54:58.412 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 06:54:58.541 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 07:00:58.935 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-23 07:00:58.935 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-23 07:00:58.935 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-23 07:00:58.935 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-23 07:00:58.936 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-23 07:00:58.936 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-23 07:01:32.504 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-23 07:01:37.900 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-23 07:01:45.373 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 357687939072, \"freespace_total\": 357687939072, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 727585046528, \"freespace_total\": 727585046528, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5890031616, \"free_virtual\": 8443281408, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-23 07:01:45.446 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-23 07:01:45.447 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 07:01:45.622 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 08:31:45.623 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 08:31:45.722 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 08:39:42.026 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-23 08:39:42.214 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-23 08:39:42.214 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-23 08:39:42.277 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-23 08:39:43.290 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e601af92a19d37bb5006f6a6fc627483:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-23 08:39:43.291 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-23 08:39:43.291 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-23 08:39:43.419 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774269583
2026-03-23 08:39:43.419 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774269583
2026-03-23 08:39:43.419 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-23 08:39:43.419 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-23 08:39:43.424 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-23 10:17:57.723 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 10:17:57.812 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 12:16:45.813 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 12:16:45.901 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 13:33:15.904 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 13:33:15.992 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 13:38:58.026 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-23 13:38:58.223 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-23 13:38:58.223 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-23 13:38:58.223 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-23 13:39:01.333 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f87d66de1c1c2e3867b8a3d4e8bb2fcf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-23 13:39:01.333 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-23 13:39:01.333 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-23 13:39:01.489 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774287541
2026-03-23 13:39:01.489 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774287541
2026-03-23 13:39:01.489 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-23 13:39:01.490 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-23 13:39:01.490 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-23 14:30:31.377 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-23 14:30:33.959 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-23 14:30:33.965 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-23 14:30:33.965 [1423] info on_timer.cpp::update No agent updates available
2026-03-23 14:30:33.965 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-23 14:30:34.139 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-23 14:30:34.139 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-23 14:30:34.855 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-23 14:30:35.056 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108156
2026-03-23 14:30:36.017 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108156
2026-03-23 14:30:36.017 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108156
2026-03-23 14:30:36.111 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-23 14:30:36.385 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-23 14:30:36.385 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-23 14:30:36.534 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-23 14:30:36.537 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-23 14:30:37.141 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f87d66de1c1c2e3867b8a3d4e8bb2fcf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-23 14:30:40.155 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f87d66de1c1c2e3867b8a3d4e8bb2fcf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-23 14:36:15.994 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 14:36:16.085 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 15:39:16.086 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 15:39:28.736 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 17:11:16.738 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 17:11:16.826 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 18:13:22.828 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 18:13:22.924 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 19:46:58.925 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 19:46:59.011 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 20:05:04.158 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-23 20:05:04.323 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-23 20:05:04.323 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-23 20:05:04.323 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-23 20:05:07.457 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1cd94772e4a5bb9734a5bb8d26af3ea1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-23 20:05:07.457 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-23 20:05:07.457 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-23 20:05:07.604 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774310707
2026-03-23 20:05:07.604 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774310707
2026-03-23 20:05:07.604 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-23 20:05:07.605 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-23 20:05:07.605 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-23 21:02:35.029 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 21:02:35.142 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-23 22:47:53.143 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-23 22:47:53.230 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 00:25:59.230 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 00:25:59.318 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 02:01:59.445 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-24 02:26:30.570 [1425] info on_nebula.cpp::handle Scan complete, duration: 1471
2026-03-24 02:26:30.924 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-24 02:26:30.925 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 02:26:31.033 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 03:55:38.045 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 03:55:38.156 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 05:45:26.158 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 05:45:26.272 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 07:01:00.455 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-24 07:01:00.455 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-24 07:01:00.455 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-24 07:01:00.455 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-24 07:01:00.456 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-24 07:01:00.461 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-24 07:01:10.591 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-24 07:01:11.604 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-24 07:01:19.212 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 368111374336, \"freespace_total\": 368111374336, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 726880796672, \"freespace_total\": 726880796672, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10221903872, \"free_virtual\": 8388341760, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-03-24 07:01:19.274 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-24 07:01:19.275 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 07:01:19.365 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 08:03:25.366 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 08:03:25.456 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 09:32:31.457 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 09:32:31.545 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 10:32:49.546 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 10:32:49.635 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 11:38:32.291 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-24 11:38:32.621 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-24 11:38:32.621 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-24 11:38:32.622 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-24 11:38:33.638 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2b99f7342f30b94b12315bb0c4212f3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-24 11:38:33.638 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-24 11:38:33.638 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-24 11:38:33.794 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774366713
2026-03-24 11:38:33.794 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774366713
2026-03-24 11:38:33.794 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-24 11:38:33.795 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-24 11:38:33.795 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-24 12:04:37.635 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 12:04:37.722 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 14:05:13.724 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 14:05:13.811 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 14:30:41.299 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-24 14:30:45.665 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-24 14:30:45.667 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-24 14:30:45.667 [1423] info on_timer.cpp::update No agent updates available
2026-03-24 14:30:45.667 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-24 14:30:45.859 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-24 14:30:45.859 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-24 14:30:45.889 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2b99f7342f30b94b12315bb0c4212f3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-24 14:30:46.149 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-24 14:30:46.234 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108174
2026-03-24 14:30:47.295 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108174
2026-03-24 14:30:47.296 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108174
2026-03-24 14:30:47.537 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-24 14:30:47.720 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-24 14:30:47.720 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-24 14:30:47.934 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-24 14:30:47.936 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-24 14:30:53.924 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2b99f7342f30b94b12315bb0c4212f3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-24 15:08:13.814 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 15:08:13.901 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 16:28:08.344 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-24 16:28:08.481 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-24 16:28:08.481 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-24 16:28:08.481 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-24 16:28:11.510 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0c22e821c4c4a09bab5b2b8dc5497fea:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-24 16:28:11.510 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-24 16:28:11.510 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-24 16:28:11.615 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774384091
2026-03-24 16:28:11.615 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774384091
2026-03-24 16:28:11.615 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-24 16:28:11.616 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-24 16:28:11.616 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-24 16:40:55.901 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 16:40:55.988 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 18:16:19.994 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 18:16:20.083 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 20:10:38.084 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 20:10:38.172 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 21:57:43.576 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 21:57:43.666 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-24 23:40:20.264 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-24 23:40:20.351 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 00:54:08.352 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 00:54:08.440 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 02:01:58.519 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-25 02:33:53.050 [1425] info on_nebula.cpp::handle Scan complete, duration: 1915
2026-03-25 02:33:53.057 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-25 02:33:53.059 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 02:33:53.179 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 03:57:36.191 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 03:57:36.280 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 05:05:06.283 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 05:05:06.370 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 06:42:18.371 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 06:42:18.461 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 07:00:58.604 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-25 07:00:58.604 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-25 07:00:58.604 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-25 07:00:58.604 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-25 07:00:58.605 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-25 07:00:58.605 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-25 07:01:06.737 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-25 07:01:06.747 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-25 07:01:48.001 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366555508736, \"freespace_total\": 366555508736, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 726039855104, \"freespace_total\": 726039855104, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2898853888, \"free_virtual\": 8432644096, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-25 07:01:56.807 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-25 07:01:56.831 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 07:01:56.982 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 08:25:38.984 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 08:25:39.073 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 09:59:15.075 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 09:59:15.166 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 11:00:27.168 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 11:00:27.277 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 13:01:04.289 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 13:01:04.382 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 14:13:04.383 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 14:13:04.493 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 14:30:52.349 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-25 14:30:54.642 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0c22e821c4c4a09bab5b2b8dc5497fea:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-25 14:30:55.718 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-25 14:30:55.719 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-25 14:30:55.719 [1423] info on_timer.cpp::update No agent updates available
2026-03-25 14:30:55.719 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-25 14:30:55.866 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-25 14:30:55.866 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-25 14:30:56.159 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-25 14:30:56.300 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108192
2026-03-25 14:30:57.218 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108192
2026-03-25 14:30:57.218 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108192
2026-03-25 14:30:57.364 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-25 14:30:57.513 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-25 14:30:57.514 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-25 14:30:57.665 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-25 14:30:57.669 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-25 14:31:08.506 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0c22e821c4c4a09bab5b2b8dc5497fea:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-25 15:43:04.494 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 15:43:04.582 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 17:18:29.595 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 17:18:29.682 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 19:00:11.684 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 19:00:11.772 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 20:56:17.773 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 20:56:17.862 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 21:29:31.661 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-25 21:29:32.018 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-25 21:29:32.018 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-25 21:29:32.018 [1425] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.ars
2026-03-25 21:29:32.018 [1425] info sirius.cpp::downloadUpdates checking for new updates
2026-03-25 21:29:32.425 [1425] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.ars
2026-03-25 21:29:32.843 [1425] info sirius.cpp::download updated epa.linux.plugin.ars to version 1.0.15
2026-03-25 21:29:32.846 [1425] info sirius.cpp::unpack Extracting epa.linux.plugin.ars to /usr/share/mblinux/plugins/epa.linux.plugin.ars/
2026-03-25 21:29:33.850 [1425] info sirius.cpp::unpack Unpacked epa.linux.plugin.ars 1.0.15
2026-03-25 21:29:33.851 [1425] info sirius.cpp::installDownloaded installed epa.linux.plugin.ars 1.0.15
2026-03-25 21:29:33.865 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-25 21:29:33.876 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9659e6a7797393ddab5de769f038a581:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-25 21:29:33.877 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-25 21:29:33.877 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-25 21:29:33.996 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774488573
2026-03-25 21:29:33.996 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774488573
2026-03-25 21:29:33.996 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-25 21:29:33.999 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-25 21:29:33.999 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-25 22:37:59.863 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 22:37:59.951 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-25 23:44:35.951 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-25 23:44:36.067 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 01:29:54.070 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 01:29:54.180 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 02:01:59.312 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-26 02:37:28.213 [1425] info on_nebula.cpp::handle Scan complete, duration: 2129
2026-03-26 02:37:28.230 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-26 02:37:28.231 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 02:37:28.378 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 04:03:52.380 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 04:03:52.469 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 05:12:16.470 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 05:12:16.594 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 06:26:04.595 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 06:26:04.687 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 08:16:46.688 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 08:16:46.778 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 10:02:58.779 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 10:02:58.870 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 11:54:34.871 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 11:54:34.958 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 13:29:58.959 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 13:29:59.047 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 14:21:20.952 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-26 14:21:21.155 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-26 14:21:21.155 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-26 14:21:21.156 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-26 14:21:22.168 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f786cf74dca1436319cf7361f8a05daf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 14:21:22.171 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-26 14:21:22.172 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-26 14:21:22.346 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774549282
2026-03-26 14:21:22.346 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774549282
2026-03-26 14:21:22.346 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-26 14:21:22.359 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-26 14:21:22.362 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-26 14:22:44.905 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-26 14:22:45.010 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-26 14:22:45.010 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-26 14:22:45.010 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-26 14:22:49.028 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e772e0bb46bdae85f13ad83b9d769aaa:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 14:22:50.044 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-26 14:22:50.044 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-26 14:22:50.134 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774549370
2026-03-26 14:22:50.134 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774549370
2026-03-26 14:22:50.134 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-26 14:22:50.135 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-26 14:22:50.135 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-26 14:31:02.283 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-26 14:31:05.219 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e772e0bb46bdae85f13ad83b9d769aaa:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 14:31:08.680 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-26 14:31:08.680 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-26 14:31:08.680 [1423] info on_timer.cpp::update No agent updates available
2026-03-26 14:31:08.680 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-26 14:31:08.856 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-26 14:31:08.856 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-26 14:31:09.233 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e772e0bb46bdae85f13ad83b9d769aaa:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 14:31:09.330 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-26 14:31:09.404 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108214
2026-03-26 14:31:10.278 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108214
2026-03-26 14:31:10.278 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108214
2026-03-26 14:31:10.387 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-26 14:31:10.518 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-26 14:31:10.519 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-26 14:31:10.683 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-03-26 14:31:10.683 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-26 14:31:10.684 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-26 14:41:06.060 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 14:41:06.150 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 15:43:07.851 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-26 15:43:08.031 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-26 15:43:08.031 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-26 15:43:08.031 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-26 15:43:09.534 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b142cf23894a91f629895fea990d472a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 15:43:09.535 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-26 15:43:09.535 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-26 15:43:09.713 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774554189
2026-03-26 15:43:09.713 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774554189
2026-03-26 15:43:09.713 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-26 15:43:09.714 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-26 15:43:09.714 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-26 16:24:36.151 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 16:24:36.240 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 17:51:54.241 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 17:51:54.337 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 18:57:36.339 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 18:57:36.426 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 20:51:54.427 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 20:51:54.515 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 21:26:59.557 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-26 21:26:59.706 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-26 21:26:59.706 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-26 21:26:59.706 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-26 21:27:00.719 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "94e4c9ec3f73895335bd00a3ac84e3c4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 21:27:00.720 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-26 21:27:00.720 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-26 21:27:00.856 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774574820
2026-03-26 21:27:00.856 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774574820
2026-03-26 21:27:00.856 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-26 21:27:00.858 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-26 21:27:00.858 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-26 22:52:30.521 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-26 22:52:30.609 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-26 23:57:17.809 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-26 23:57:17.940 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-26 23:57:17.940 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-26 23:57:17.940 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-26 23:57:21.721 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7c73a92f901898b4cfefd3e514f0dc5c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-26 23:57:22.733 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-26 23:57:22.733 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-26 23:57:22.828 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774583842
2026-03-26 23:57:22.828 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774583842
2026-03-26 23:57:22.828 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-26 23:57:22.829 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-26 23:57:22.829 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-27 00:33:48.912 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-27 00:33:49.020 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-27 00:33:49.020 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-27 00:33:49.021 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-27 00:33:53.035 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b8dd25aa29f34b66415bd6d769dc2205:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-27 00:33:54.108 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-27 00:33:54.109 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-27 00:33:54.201 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774586034
2026-03-27 00:33:54.201 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774586034
2026-03-27 00:33:54.201 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-27 00:33:54.202 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-27 00:33:54.221 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-27 00:37:48.611 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 00:37:48.700 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 02:01:58.800 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-27 02:25:56.680 [1425] info on_nebula.cpp::handle Scan complete, duration: 1438
2026-03-27 02:25:56.698 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-27 02:25:56.699 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 02:25:56.836 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 04:11:14.837 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 04:11:14.925 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 04:21:32.126 [1425] info client.cpp::callSync []
2026-03-27 04:21:33.228 [1425] info client.cpp::syncExclusions Updated exclusions: 4743a25345abf91e1912971bd6f711cd
2026-03-27 04:21:33.228 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 4743a25345abf91e1912971bd6f711cd
2026-03-27 04:21:33.228 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-27 04:21:33.229 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-27 04:21:33.239 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-27 04:21:33.241 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 04:21:33.335 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 06:04:09.336 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 06:04:09.426 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 07:00:59.462 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-27 07:00:59.468 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-27 07:00:59.468 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-27 07:00:59.468 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-27 07:00:59.469 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-27 07:00:59.469 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-27 07:01:09.598 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-27 07:01:10.611 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-27 07:01:19.026 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364282712064, \"freespace_total\": 364282712064, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 724006477824, \"freespace_total\": 724006477824, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4463599616, \"free_virtual\": 8187015168, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-27 07:01:19.060 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-27 07:36:51.427 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 07:36:51.516 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 09:27:34.528 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 09:27:34.615 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 10:01:17.710 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-27 10:01:17.864 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-27 10:01:17.864 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-27 10:01:17.865 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-27 10:01:20.979 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "548849f48c47ed623b9c241cc756c8d3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-27 10:01:20.983 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-27 10:01:20.984 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-27 10:01:21.110 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774620080
2026-03-27 10:01:21.110 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774620080
2026-03-27 10:01:21.111 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-27 10:01:21.113 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-27 10:01:21.628 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-27 11:20:04.616 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 11:20:04.702 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 12:39:16.704 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 12:39:16.792 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 13:56:40.794 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 13:56:40.883 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 14:31:14.970 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-27 14:31:16.966 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "548849f48c47ed623b9c241cc756c8d3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-27 14:31:21.379 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-27 14:31:21.379 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-27 14:31:21.379 [1423] info on_timer.cpp::update No agent updates available
2026-03-27 14:31:21.379 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-27 14:31:21.544 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-27 14:31:21.544 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-27 14:31:22.081 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-27 14:31:22.406 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108240
2026-03-27 14:31:23.279 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108240
2026-03-27 14:31:23.279 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108240
2026-03-27 14:31:23.559 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-27 14:31:23.849 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-27 14:31:23.849 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-27 14:31:24.020 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-03-27 14:31:24.020 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-27 14:31:24.024 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-27 14:31:50.896 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "548849f48c47ed623b9c241cc756c8d3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-27 15:14:58.884 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 15:14:58.973 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 16:40:28.975 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 16:40:29.069 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 18:04:11.472 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 18:04:11.561 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 19:22:30.574 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 19:22:30.662 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 21:14:06.663 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 21:14:06.752 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 22:14:25.764 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 22:14:25.852 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-27 22:15:11.912 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-27 22:15:12.046 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-27 22:15:12.046 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-27 22:15:12.046 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-27 22:15:16.061 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d30b3e7ebf08272b6dfceafb9774e3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-27 22:15:17.114 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-27 22:15:17.114 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-27 22:15:17.206 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774664117
2026-03-27 22:15:17.206 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774664117
2026-03-27 22:15:17.206 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-27 22:15:17.206 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-27 22:15:17.207 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-27 23:32:43.855 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-27 23:32:43.942 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 00:50:07.943 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 00:50:08.032 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 02:01:59.201 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-28 02:19:34.620 [1425] info on_nebula.cpp::handle Scan complete, duration: 1055
2026-03-28 02:19:34.627 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-28 02:19:34.629 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 02:19:34.755 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 03:34:16.756 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 03:34:16.845 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 04:35:28.846 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 04:35:28.935 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 05:49:16.936 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 05:49:17.025 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 06:49:35.027 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 06:49:35.123 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 07:00:59.259 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-28 07:00:59.263 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-28 07:00:59.263 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-28 07:00:59.263 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-28 07:00:59.264 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-28 07:00:59.264 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-28 07:01:07.418 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-28 07:01:07.435 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-28 07:01:15.871 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364462137344, \"freespace_total\": 364462137344, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 724780752896, \"freespace_total\": 724780752896, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11442520064, \"free_virtual\": 8293969920, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-03-28 07:01:15.914 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-28 08:26:48.136 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 08:26:48.226 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 10:03:06.227 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 10:03:06.317 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 11:52:54.548 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 11:52:54.635 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 13:17:31.648 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 13:17:31.736 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 14:19:37.737 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 14:19:37.833 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 14:31:28.505 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-28 14:31:31.876 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d30b3e7ebf08272b6dfceafb9774e3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-28 14:31:32.950 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-28 14:31:32.951 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-28 14:31:32.951 [1423] info on_timer.cpp::update No agent updates available
2026-03-28 14:31:32.951 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-28 14:31:33.139 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-28 14:31:33.139 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-28 14:31:33.660 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-28 14:31:33.745 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108254
2026-03-28 14:31:34.671 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108254
2026-03-28 14:31:34.671 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108254
2026-03-28 14:31:34.791 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-28 14:31:34.966 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-28 14:31:34.967 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-28 14:31:35.135 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-03-28 14:31:35.135 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-28 14:31:35.137 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-28 14:31:47.940 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d30b3e7ebf08272b6dfceafb9774e3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-28 16:20:13.834 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 16:20:13.924 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 17:34:01.925 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 17:34:02.014 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 18:45:08.015 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 18:45:08.118 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 20:03:26.120 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 20:03:26.236 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 21:24:26.238 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 21:24:26.326 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-28 23:23:14.327 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-28 23:23:14.414 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 00:28:56.415 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 00:28:56.504 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 02:01:58.580 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-29 02:21:39.977 [1425] info on_nebula.cpp::handle Scan complete, duration: 1181
2026-03-29 02:21:39.979 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-29 02:21:39.980 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 02:21:40.146 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 03:59:46.147 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 03:59:46.235 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 05:01:52.236 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 05:01:52.351 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 06:21:58.353 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 06:21:58.440 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 07:00:59.562 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-29 07:00:59.562 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-29 07:00:59.562 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-29 07:00:59.563 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-29 07:00:59.563 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-29 07:00:59.563 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-29 07:01:07.716 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-29 07:01:07.727 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-29 07:01:12.142 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 363004002304, \"freespace_total\": 363004002304, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 724082241536, \"freespace_total\": 724082241536, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9307492352, \"free_virtual\": 8350068736, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-29 07:01:12.184 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-29 07:33:58.669 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 07:33:58.757 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 08:42:22.759 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 08:42:22.848 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 10:24:04.849 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 10:24:05.116 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 12:11:11.117 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 12:11:11.208 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 13:33:59.209 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 13:33:59.296 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 14:31:39.399 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-29 14:31:43.323 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d30b3e7ebf08272b6dfceafb9774e3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-29 14:31:45.840 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-29 14:31:45.841 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-29 14:31:45.841 [1423] info on_timer.cpp::update No agent updates available
2026-03-29 14:31:45.841 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-29 14:31:46.005 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-29 14:31:46.005 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-29 14:31:46.288 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-29 14:31:46.378 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108272
2026-03-29 14:31:47.271 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108272
2026-03-29 14:31:47.271 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108272
2026-03-29 14:31:47.343 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d30b3e7ebf08272b6dfceafb9774e3b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-29 14:31:47.422 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-29 14:31:47.593 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-29 14:31:47.593 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-29 14:31:47.758 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-03-29 14:31:47.758 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-29 14:31:47.760 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-29 14:39:03.479 [1425] info client.cpp::registerRefresh nebula client refresh success
2026-03-29 14:39:03.480 [1425] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-03-29 14:39:03.480 [1425] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-03-29 14:39:03.503 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 14:39:03.594 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 16:16:15.595 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 16:16:15.684 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 17:21:41.160 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-29 17:21:41.338 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-29 17:21:41.338 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-29 17:21:41.338 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-29 17:21:45.354 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "96dedc59bf5bc6fdc326e49a18732ae8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-29 17:21:46.366 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-29 17:21:46.366 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-29 17:21:46.462 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774819306
2026-03-29 17:21:46.462 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774819306
2026-03-29 17:21:46.462 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-29 17:21:46.467 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-29 17:21:46.467 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-29 18:15:57.685 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 18:15:57.804 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 19:48:39.806 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 19:48:39.894 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 21:43:51.896 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 21:43:51.987 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-29 23:27:21.990 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-29 23:27:22.079 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 00:57:22.081 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 00:57:22.170 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 02:02:00.332 [1425] info on_nebula.cpp::handle Performing threat scan
2026-03-30 02:28:39.722 [1425] info on_nebula.cpp::handle Scan complete, duration: 1599
2026-03-30 02:28:39.947 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-30 02:28:39.948 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 02:28:40.038 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 03:58:41.053 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 03:58:41.142 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 05:37:43.215 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 05:37:46.849 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 07:00:59.056 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-30 07:00:59.061 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-03-30 07:00:59.062 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-30 07:00:59.062 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-30 07:00:59.063 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-30 07:00:59.068 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-30 07:01:10.853 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-30 07:01:10.947 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-30 07:01:25.009 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 373571010560, \"freespace_total\": 373571010560, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 723422556160, \"freespace_total\": 723422556160, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3929628672, \"free_virtual\": 8411635712, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-30 07:01:25.135 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-03-30 07:10:28.851 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 07:10:28.974 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 08:45:58.565 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-30 08:46:13.703 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-30 08:46:13.703 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-30 08:46:13.704 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-30 08:46:14.716 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8890afe5e229ad2d98fe30070e6b2a7e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-30 08:46:14.716 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-30 08:46:14.717 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-30 08:46:15.117 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774874774
2026-03-30 08:46:15.117 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774874774
2026-03-30 08:46:15.117 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-30 08:46:15.118 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-30 08:46:15.122 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-30 09:05:41.178 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 09:05:41.264 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 10:12:17.467 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 10:12:17.557 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 10:56:48.863 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-30 10:56:48.988 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-30 10:56:48.988 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-30 10:56:48.988 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-30 10:56:51.458 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "199fd5d2a29d9f40370f8c28fcc92af1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-30 10:56:51.459 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-30 10:56:51.459 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-30 10:56:51.605 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774882611
2026-03-30 10:56:51.605 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774882611
2026-03-30 10:56:51.605 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-30 10:56:51.606 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-30 10:56:51.615 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-30 11:53:05.558 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 11:53:05.646 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 13:42:53.647 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 13:42:53.736 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 14:31:52.318 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-30 14:31:53.827 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "199fd5d2a29d9f40370f8c28fcc92af1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-30 14:31:55.841 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-30 14:31:55.841 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-30 14:31:55.841 [1423] info on_timer.cpp::update No agent updates available
2026-03-30 14:31:55.841 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-30 14:31:56.008 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-30 14:31:56.008 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-30 14:31:57.074 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-30 14:31:57.203 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108302
2026-03-30 14:31:57.847 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "199fd5d2a29d9f40370f8c28fcc92af1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-30 14:31:58.252 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108302
2026-03-30 14:31:58.252 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108302
2026-03-30 14:31:58.441 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-30 14:31:58.617 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-30 14:31:58.617 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-30 14:31:58.782 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-03-30 14:31:58.782 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-30 14:31:58.790 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-30 14:58:29.737 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 14:58:29.824 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 16:51:53.826 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 16:51:53.914 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 18:16:29.915 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 18:16:30.003 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 19:29:30.102 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-30 19:29:30.294 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-30 19:29:30.294 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-30 19:29:30.294 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-30 19:29:31.310 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "c01fd12201ace9401f706f31c1dc08ef:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-30 19:29:31.314 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-30 19:29:31.314 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-30 19:29:31.458 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774913371
2026-03-30 19:29:31.458 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774913371
2026-03-30 19:29:31.458 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-30 19:29:31.458 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-30 19:29:31.468 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-30 19:37:02.331 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-03-30 19:37:02.516 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-30 19:37:02.516 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-30 19:37:02.516 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-30 19:37:03.532 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "88a5c1c3b6cff817c663dcf669728be0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-30 19:37:03.532 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-03-30 19:37:03.532 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-30 19:37:03.659 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1774913823
2026-03-30 19:37:03.659 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1774913823
2026-03-30 19:37:03.659 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-30 19:37:03.659 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-30 19:37:03.659 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-30 20:07:13.020 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 20:07:13.139 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 21:54:18.144 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 21:54:18.232 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-30 23:48:37.230 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-30 23:48:37.343 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 01:25:49.345 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 01:25:49.432 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 03:10:13.433 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 03:10:13.547 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 05:01:49.548 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 05:01:49.635 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 06:21:01.638 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 06:21:01.756 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 07:23:07.757 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 07:23:07.859 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 08:52:13.861 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 08:52:13.948 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 10:18:37.950 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 10:18:38.037 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 11:37:50.039 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 11:37:50.147 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 13:30:21.160 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 13:30:21.249 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 14:32:02.806 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-31 14:32:05.365 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "88a5c1c3b6cff817c663dcf669728be0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-31 14:32:08.261 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-31 14:32:08.263 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-03-31 14:32:08.263 [1423] info on_timer.cpp::update No agent updates available
2026-03-31 14:32:08.263 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-31 14:32:08.452 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-31 14:32:08.452 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-31 14:32:09.010 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-31 14:32:09.096 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108330
2026-03-31 14:32:09.385 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "88a5c1c3b6cff817c663dcf669728be0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-31 14:32:10.228 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108330
2026-03-31 14:32:10.228 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108330
2026-03-31 14:32:10.491 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-31 14:32:10.663 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-31 14:32:10.663 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-03-31 14:32:10.826 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-03-31 14:32:10.826 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-31 14:32:10.830 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-03-31 14:44:09.250 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 14:44:09.343 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 16:28:33.344 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 16:28:33.451 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 17:48:39.452 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 17:48:39.539 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 19:38:27.541 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 19:38:27.630 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 21:06:39.631 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 21:06:39.719 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 22:25:51.721 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 22:25:51.833 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-31 23:49:33.834 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-31 23:49:33.928 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 01:16:51.929 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 01:16:52.041 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 02:23:28.042 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 02:23:28.153 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 04:15:58.154 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 04:15:58.244 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 05:16:17.257 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 05:16:17.344 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 06:28:08.568 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-01 06:28:08.781 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 06:28:08.781 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-01 06:28:08.782 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-01 06:28:12.165 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "31c1e9cfb1c24b5e6ead8bdd6eb645fb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 06:28:12.180 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-01 06:28:12.181 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-01 06:28:12.341 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775039292
2026-04-01 06:28:12.341 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775039292
2026-04-01 06:28:12.341 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-01 06:28:12.344 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-01 06:28:12.345 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-01 06:41:48.362 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 06:41:48.504 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 07:00:58.565 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-01 07:00:58.565 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-01 07:00:58.565 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-01 07:00:58.565 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 07:00:58.565 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-01 07:00:58.566 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-01 07:01:05.715 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-01 07:01:05.724 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-01 07:01:14.230 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366654230528, \"freespace_total\": 366654230528, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 721762283520, \"freespace_total\": 721762283520, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 14032289792, \"free_virtual\": 8378949632, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-01 07:01:14.487 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-01 08:14:30.505 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 08:14:30.595 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 09:22:29.708 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-01 09:22:30.519 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 09:22:30.519 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-01 09:22:30.519 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-01 09:22:31.532 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "276c5f8331ad817ec45063523054da42:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 09:22:31.532 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-01 09:22:31.532 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-01 09:22:31.868 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775049751
2026-04-01 09:22:31.868 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775049751
2026-04-01 09:22:31.868 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-01 09:22:31.869 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-01 09:22:31.869 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-01 09:39:08.622 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-01 09:39:08.786 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 09:39:08.786 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-01 09:39:08.786 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-01 09:39:12.380 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7ef5424c54b2ea481327e22fa4a26eac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 09:39:13.393 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-01 09:39:13.393 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-01 09:39:13.485 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775050753
2026-04-01 09:39:13.485 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775050753
2026-04-01 09:39:13.485 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-01 09:39:13.485 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-01 09:39:13.497 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-01 09:49:55.611 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 09:49:55.704 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 10:59:13.705 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 10:59:13.795 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 11:52:26.119 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-01 11:52:26.294 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 11:52:26.294 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-01 11:52:26.294 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-01 11:52:27.485 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b9e286c977fb1415415b506196e77d94:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 11:52:27.486 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-01 11:52:27.486 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-01 11:52:27.675 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775058747
2026-04-01 11:52:27.675 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775058747
2026-04-01 11:52:27.675 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-01 11:52:27.676 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-01 11:52:27.676 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-01 12:59:49.797 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 12:59:49.886 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 14:04:37.888 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 14:04:38.008 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 14:32:15.118 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-01 14:32:18.155 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b9e286c977fb1415415b506196e77d94:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 14:32:20.508 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-01 14:32:20.508 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-01 14:32:20.508 [1423] info on_timer.cpp::update No agent updates available
2026-04-01 14:32:20.508 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-01 14:32:20.672 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-01 14:32:20.672 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-01 14:32:21.255 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-01 14:32:21.332 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108348
2026-04-01 14:32:22.400 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108348
2026-04-01 14:32:22.401 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108348
2026-04-01 14:32:22.644 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-01 14:32:22.832 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-01 14:32:22.832 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-01 14:32:22.995 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-01 14:32:22.995 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-01 14:32:22.997 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-01 14:32:40.037 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b9e286c977fb1415415b506196e77d94:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 15:10:20.011 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 15:10:20.099 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 15:50:01.347 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-01 15:50:01.457 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 15:50:01.457 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-01 15:50:01.457 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-01 15:50:04.349 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b0d3009105cb292c8d15427db32eed8f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 15:50:04.349 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-01 15:50:04.349 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-01 15:50:04.512 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775073004
2026-04-01 15:50:04.512 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775073004
2026-04-01 15:50:04.512 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-01 15:50:04.513 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-01 15:50:04.537 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-01 16:18:44.100 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 16:18:44.224 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 17:39:44.225 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 17:39:44.312 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 19:39:26.314 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 19:39:26.408 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 20:54:04.445 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-01 20:54:33.671 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-01 20:54:33.671 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-01 20:54:33.671 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-01 20:54:34.683 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1db1deac400e00a1dec80b64ec191dd8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-01 20:54:35.402 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-01 20:54:35.402 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-01 20:54:52.783 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775091275
2026-04-01 20:54:52.783 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775091275
2026-04-01 20:54:52.783 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-01 20:54:52.784 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-01 20:54:53.294 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-01 20:54:53.319 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 20:54:53.412 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-01 22:42:53.413 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-01 22:42:53.501 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 00:35:23.502 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 00:35:23.589 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 01:59:05.591 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 01:59:05.679 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 02:01:59.721 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-02 03:05:05.476 [1425] info on_nebula.cpp::handle Scan complete, duration: 3786
2026-04-02 03:05:06.059 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-02 03:05:06.060 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 03:05:06.146 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 04:07:12.147 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 04:07:12.238 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 05:14:42.239 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 05:14:42.329 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 06:53:44.268 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 06:54:00.688 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 08:08:42.896 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 08:08:42.982 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 09:00:08.462 [1425] info client.cpp::callSync []
2026-04-02 09:00:09.599 [1425] info client.cpp::syncExclusions Updated exclusions: cbc6819e5356fd5cb19bae04c0c9b75e
2026-04-02 09:00:09.599 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: cbc6819e5356fd5cb19bae04c0c9b75e
2026-04-02 09:00:09.599 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-02 09:00:09.601 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-02 09:00:09.613 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-02 09:00:09.614 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 09:00:09.739 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 10:26:34.751 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 10:26:34.841 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 11:28:40.842 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 11:28:46.553 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 12:34:28.554 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 12:34:28.643 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 14:10:46.842 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 14:10:46.929 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 14:32:27.478 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-02 14:32:31.160 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1db1deac400e00a1dec80b64ec191dd8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-02 14:32:33.908 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-02 14:32:33.922 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-02 14:32:33.922 [1423] info on_timer.cpp::update No agent updates available
2026-04-02 14:32:33.922 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-02 14:32:34.093 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-02 14:32:34.093 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-02 14:32:34.624 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-02 14:32:34.707 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108368
2026-04-02 14:32:35.750 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108368
2026-04-02 14:32:35.750 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108368
2026-04-02 14:32:36.026 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-02 14:32:36.193 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-02 14:32:36.194 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-02 14:32:36.356 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-02 14:32:36.356 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-02 14:32:36.357 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-02 14:32:46.232 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1db1deac400e00a1dec80b64ec191dd8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-02 15:18:16.931 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 15:18:17.041 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 16:32:59.042 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 16:32:59.130 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 17:55:47.131 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 17:55:47.218 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 19:37:29.219 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 19:37:29.307 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 21:13:47.308 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 21:13:47.419 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 22:23:59.420 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 22:23:59.508 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-02 23:29:41.510 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-02 23:29:41.598 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 00:50:41.599 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 00:50:41.690 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 01:50:59.691 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 01:50:59.779 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 02:01:59.822 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-03 03:53:02.132 [1425] info on_nebula.cpp::handle Scan complete, duration: 6663
2026-04-03 03:53:02.137 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-03 03:53:02.138 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 03:53:02.255 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 05:04:09.268 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 05:04:09.382 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 05:49:18.422 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-03 05:49:18.542 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-03 05:49:18.542 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-03 05:49:18.543 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-03 05:49:19.921 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a9a0d6078c8bcbe58ee2a8e06dc43250:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-03 05:49:19.921 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-03 05:49:19.921 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-03 05:49:20.059 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775209759
2026-04-03 05:49:20.059 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775209759
2026-04-03 05:49:20.059 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-03 05:49:20.060 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-03 05:49:20.060 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-03 06:13:27.384 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 06:13:27.473 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 07:00:59.643 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-03 07:00:59.643 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-03 07:00:59.643 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-03 07:00:59.643 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-03 07:00:59.643 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-03 07:00:59.643 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-03 07:01:09.772 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-03 07:01:10.791 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-03 07:01:16.174 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 360721182720, \"freespace_total\": 360721182720, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 721018662912, \"freespace_total\": 721018662912, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6453235712, \"free_virtual\": 8386469888, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-03 07:01:16.256 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-03 07:01:16.257 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 07:01:16.346 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 08:19:34.348 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 08:19:34.460 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 09:45:41.604 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-03 09:45:41.801 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-03 09:45:41.801 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-03 09:45:41.801 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-03 09:45:42.814 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6e822a867a5569b65f40282692b6a9f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-03 09:45:42.814 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-03 09:45:42.814 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-03 09:45:42.924 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775223942
2026-04-03 09:45:42.924 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775223942
2026-04-03 09:45:42.924 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-03 09:45:42.925 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-03 09:45:42.927 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-03 10:10:16.462 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 10:10:16.550 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 11:13:16.551 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 11:13:16.640 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 12:50:28.641 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 12:50:28.729 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 14:25:53.750 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 14:25:53.866 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 14:32:40.827 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-03 14:32:43.975 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6e822a867a5569b65f40282692b6a9f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-03 14:32:44.265 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-03 14:32:44.847 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-03 14:32:44.847 [1423] info on_timer.cpp::update No agent updates available
2026-04-03 14:32:44.847 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-03 14:32:45.021 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-03 14:32:45.021 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-03 14:32:45.796 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-03 14:32:46.212 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108394
2026-04-03 14:32:47.426 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108394
2026-04-03 14:32:47.426 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108394
2026-04-03 14:32:47.999 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6e822a867a5569b65f40282692b6a9f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-03 14:32:48.004 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-03 14:32:48.173 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-03 14:32:48.174 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-03 14:32:48.364 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-03 14:32:48.364 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-03 14:32:48.379 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-03 15:54:05.868 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 15:54:05.957 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 16:09:31.747 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 16:09:31.849 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 17:32:19.848 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 17:32:19.939 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 18:49:43.940 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 18:49:44.055 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 20:06:03.231 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-03 20:06:03.437 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-03 20:06:03.437 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-03 20:06:03.437 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-03 20:06:04.449 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "84d1a6c116a4cd1ca449fdff8fe99345:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-03 20:06:04.450 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-03 20:06:04.450 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-03 20:06:04.602 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775261164
2026-04-03 20:06:04.602 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775261164
2026-04-03 20:06:04.602 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-03 20:06:04.603 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-03 20:06:04.603 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-03 20:42:14.057 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 20:42:14.146 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 22:09:32.140 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 22:09:32.229 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-03 23:21:32.227 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-03 23:21:32.317 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 00:44:20.343 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 00:44:20.431 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 01:51:50.432 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 01:51:50.522 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 02:01:59.581 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-04 02:34:23.991 [1425] info on_nebula.cpp::handle Scan complete, duration: 1944
2026-04-04 02:34:23.995 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-04 02:34:23.996 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 02:34:24.107 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 04:09:48.109 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 04:09:48.196 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 05:32:39.110 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 05:32:47.789 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 07:00:58.024 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-04 07:00:58.025 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-04 07:00:58.025 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-04 07:00:58.025 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-04 07:00:58.025 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-04 07:00:58.026 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-04 07:01:10.173 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-04 07:01:11.187 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-04 07:01:21.132 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 357478883328, \"freespace_total\": 357478883328, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720916291584, \"freespace_total\": 720916291584, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12661456896, \"free_virtual\": 8329195520, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-04 07:01:21.195 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-04 07:01:21.197 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 07:01:21.327 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 08:25:03.328 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 08:25:03.444 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 10:02:15.448 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 10:02:15.545 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 11:18:45.547 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 11:18:45.668 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 13:19:21.671 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 13:19:23.765 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 14:32:52.733 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-04 14:32:53.897 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "84d1a6c116a4cd1ca449fdff8fe99345:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-04 14:32:57.912 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "84d1a6c116a4cd1ca449fdff8fe99345:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-04 14:32:58.140 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-04 14:32:58.140 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-04 14:32:58.140 [1423] info on_timer.cpp::update No agent updates available
2026-04-04 14:32:58.140 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-04 14:32:58.305 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-04 14:32:58.305 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-04 14:32:59.126 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-04 14:32:59.198 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108404
2026-04-04 14:33:00.087 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108404
2026-04-04 14:33:00.088 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108404
2026-04-04 14:33:00.214 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-04 14:33:00.385 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-04 14:33:00.385 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-04 14:33:00.551 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-04 14:33:00.551 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-04 14:33:00.553 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-04 14:33:05.942 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "84d1a6c116a4cd1ca449fdff8fe99345:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-04 14:35:00.779 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 14:35:00.869 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 16:31:06.872 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 16:31:06.969 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 17:38:49.938 [1425] info client.cpp::callSync []
2026-04-04 17:38:50.042 [1425] info client.cpp::syncExclusions Updated exclusions: 6958ffe97fdfaf3f1ce6de25a581288a
2026-04-04 17:38:50.042 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 6958ffe97fdfaf3f1ce6de25a581288a
2026-04-04 17:38:50.042 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-04 17:38:50.044 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-04 17:38:50.044 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-04 17:38:50.046 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 17:38:50.242 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 19:16:57.215 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 19:16:57.303 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 21:01:21.305 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 21:01:21.419 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 22:39:27.421 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 22:39:27.510 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-04 23:55:58.523 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-04 23:55:58.611 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 01:55:40.612 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 01:55:40.724 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 03:28:22.726 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 03:28:22.814 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 05:19:04.816 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 05:19:04.905 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 07:00:47.353 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 07:00:47.493 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 07:00:58.782 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-05 07:00:58.782 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-05 07:00:58.783 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-05 07:00:58.783 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-05 07:00:58.783 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-05 07:00:58.784 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-05 07:01:07.922 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-05 07:01:07.931 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-05 07:01:14.832 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354157146112, \"freespace_total\": 354157146112, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720882352128, \"freespace_total\": 720882352128, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12524961792, \"free_virtual\": 8345186304, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-05 07:01:14.967 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-05 08:46:05.506 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 08:46:05.595 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 10:08:53.596 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 10:08:53.685 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 12:05:53.687 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 12:05:53.776 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 13:08:54.794 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 13:08:54.883 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 14:16:24.884 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 14:16:24.971 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 14:33:06.031 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-05 14:33:09.293 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "84d1a6c116a4cd1ca449fdff8fe99345:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-05 14:33:11.952 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-05 14:33:11.960 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-05 14:33:11.960 [1423] info on_timer.cpp::update No agent updates available
2026-04-05 14:33:11.960 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-05 14:33:12.126 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-05 14:33:12.126 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-05 14:33:12.715 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-05 14:33:13.176 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108434
2026-04-05 14:33:14.563 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108434
2026-04-05 14:33:14.563 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108434
2026-04-05 14:33:15.153 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-05 14:33:15.328 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-05 14:33:15.329 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-05 14:33:15.495 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-05 14:33:15.495 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-05 14:33:15.496 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-05 14:33:17.322 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "84d1a6c116a4cd1ca449fdff8fe99345:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-05 15:09:19.676 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-05 15:09:19.821 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-05 15:09:19.821 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-05 15:09:19.821 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-05 15:09:23.840 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "875126a3e2aa8e0b41cb82dad801acd0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-05 15:09:24.864 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-05 15:09:24.864 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-05 15:09:24.954 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775416164
2026-04-05 15:09:24.954 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775416164
2026-04-05 15:09:24.954 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-05 15:09:24.956 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-05 15:09:24.963 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-05 15:21:34.855 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-05 15:21:35.580 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-05 15:21:35.580 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-05 15:21:35.580 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-05 15:21:35.592 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ad7f4e24ab5cd393dcaf51704ae46c55:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-05 15:21:35.593 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-05 15:21:35.593 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-05 15:21:35.726 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775416895
2026-04-05 15:21:35.726 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775416895
2026-04-05 15:21:35.726 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-05 15:21:35.727 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-05 15:21:35.727 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-05 15:27:10.101 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-05 15:27:10.274 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-05 15:27:10.275 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-05 15:27:10.275 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-05 15:27:13.515 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "fdf69343e5a2a74c643e6ea47e54466c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-05 15:27:13.515 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-05 15:27:13.515 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-05 15:27:13.761 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775417233
2026-04-05 15:27:13.761 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775417233
2026-04-05 15:27:13.761 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-05 15:27:13.762 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-05 15:27:13.764 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-05 15:41:43.793 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-05 15:41:43.927 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-05 15:41:43.927 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-05 15:41:43.927 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-05 15:41:46.317 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8ec14dfa7e28bb5f5be15ac70bcb6ecb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-05 15:41:47.327 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-05 15:41:47.327 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-05 15:41:47.436 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775418107
2026-04-05 15:41:47.436 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775418107
2026-04-05 15:41:47.436 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-05 15:41:47.436 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-05 15:41:47.465 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-05 16:02:36.973 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 16:02:37.063 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 17:56:01.064 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 17:56:01.152 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 19:19:44.165 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 19:19:44.254 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 20:40:44.256 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 20:40:44.371 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 22:39:32.371 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 22:39:32.962 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-05 23:51:32.963 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-05 23:51:33.089 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 00:56:21.089 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 00:56:21.178 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 02:52:27.179 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 02:52:27.283 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 04:10:45.285 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 04:10:45.375 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 05:39:53.447 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 05:39:53.541 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 07:00:58.568 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-06 07:00:58.568 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-06 07:00:58.568 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-06 07:00:58.568 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 07:00:58.569 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-06 07:00:58.569 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-06 07:01:07.708 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-06 07:01:08.721 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-06 07:01:16.220 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 349267730432, \"freespace_total\": 349267730432, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720761405440, \"freespace_total\": 720761405440, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10477953024, \"free_virtual\": 8346497024, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-06 07:01:16.337 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-06 07:25:11.542 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 07:25:11.631 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 09:19:29.632 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 09:19:30.115 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 10:20:42.338 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 10:20:42.426 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 10:22:30.969 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 10:22:31.092 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 10:22:31.092 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 10:22:31.092 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-06 10:22:32.105 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "efa1838bf70121dda3dda957f03f9525:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 10:22:32.168 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 10:22:32.168 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 10:22:32.266 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775485352
2026-04-06 10:22:32.266 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775485352
2026-04-06 10:22:32.266 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 10:22:32.266 [1425] info exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-04-06 10:22:32.300 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 10:24:37.744 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 10:24:37.854 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 10:24:37.854 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 10:24:37.854 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-06 10:24:38.866 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8a77196036da55740b066d091ad6d24d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 10:24:38.866 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 10:24:38.866 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 10:24:39.031 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775485478
2026-04-06 10:24:39.031 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775485478
2026-04-06 10:24:39.031 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 10:24:40.212 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 10:24:51.269 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 10:24:51.378 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 10:24:51.378 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 10:24:51.390 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 10:24:51.390 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 10:24:51.490 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775485491
2026-04-06 10:24:51.490 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775485491
2026-04-06 10:24:51.490 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 10:24:51.940 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 10:26:10.016 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 10:26:10.123 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 10:26:10.123 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 10:26:10.123 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-06 10:26:11.135 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2bf0369936aa4aac7983d38e880a82b2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 10:26:11.136 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 10:26:11.136 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 10:26:11.245 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775485571
2026-04-06 10:26:11.245 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775485571
2026-04-06 10:26:11.245 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 10:26:11.590 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 10:49:58.411 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 10:49:58.566 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 10:49:58.566 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 10:49:58.566 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-06 10:49:59.583 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d05ef564f77480ab7c23374f3aa4b73:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 10:49:59.584 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 10:49:59.584 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 10:49:59.726 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775486999
2026-04-06 10:49:59.726 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775486999
2026-04-06 10:49:59.726 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 10:49:59.741 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 11:57:54.428 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 11:57:54.541 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 13:47:42.542 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 13:47:42.630 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 14:33:19.877 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-06 14:33:22.777 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d05ef564f77480ab7c23374f3aa4b73:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 14:33:26.373 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-06 14:33:26.516 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-06 14:33:26.516 [1423] info on_timer.cpp::update No agent updates available
2026-04-06 14:33:26.516 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-06 14:33:26.687 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-06 14:33:26.687 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-06 14:33:27.152 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-06 14:33:27.695 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108470
2026-04-06 14:33:29.010 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108470
2026-04-06 14:33:29.010 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108470
2026-04-06 14:33:29.731 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-06 14:33:29.903 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-06 14:33:29.953 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-06 14:33:30.117 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-06 14:33:30.117 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-06 14:33:30.139 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-06 14:33:40.643 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7d05ef564f77480ab7c23374f3aa4b73:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 15:13:12.644 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 15:13:12.731 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 16:27:05.883 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 16:27:06.000 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 16:27:06.000 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 16:27:06.000 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-06 16:27:10.016 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "bf9684849e463f8eb9e931a93094222a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 16:27:11.028 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 16:27:11.028 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 16:27:11.120 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775507231
2026-04-06 16:27:11.120 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775507231
2026-04-06 16:27:11.120 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 16:27:11.121 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 17:03:54.732 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 17:03:54.820 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 17:24:30.143 [1425] info client.cpp::callSync []
2026-04-06 17:24:31.251 [1425] info client.cpp::syncExclusions Updated exclusions: 5104f343460667aa0c74a2062e01982f
2026-04-06 17:24:31.251 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 5104f343460667aa0c74a2062e01982f
2026-04-06 17:24:31.251 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 17:24:31.252 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 17:24:31.254 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 17:24:31.342 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 19:17:01.343 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 19:17:01.432 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 20:58:44.445 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 20:58:44.561 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 21:48:20.491 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-06 21:48:20.608 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-06 21:48:20.608 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-06 21:48:20.608 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-06 21:48:23.653 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0153126f4ec7f68c49d1df09a6fb9cee:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-06 21:48:23.662 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-06 21:48:23.662 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-06 21:48:23.774 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775526503
2026-04-06 21:48:23.774 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775526503
2026-04-06 21:48:23.774 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-06 21:48:23.805 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-06 22:08:02.810 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 22:08:02.898 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-06 23:26:20.899 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-06 23:26:21.013 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 00:59:57.015 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 00:59:57.145 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 02:01:58.355 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-07 02:46:13.711 [1425] info on_nebula.cpp::handle Scan complete, duration: 2655
2026-04-07 02:46:13.713 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-07 02:46:13.714 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 02:46:13.817 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 03:52:49.818 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 03:52:49.906 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 04:54:55.908 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 04:54:55.996 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 06:04:15.246 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 06:04:15.355 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 07:00:58.367 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-07 07:00:58.368 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-07 07:00:58.368 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-07 07:00:58.368 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-07 07:00:58.368 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-07 07:00:58.376 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-07 07:01:10.524 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-07 07:01:11.538 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-07 07:01:19.959 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 359525593088, \"freespace_total\": 359525593088, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720644096000, \"freespace_total\": 720644096000, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11172442112, \"free_virtual\": 8316338176, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-07 07:01:20.025 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-07 07:01:20.026 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 07:01:20.112 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 08:57:26.114 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 08:57:26.200 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 09:58:39.214 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 09:58:39.312 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 10:29:32.363 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-07 10:29:50.138 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-07 10:29:50.138 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-07 10:29:50.138 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-07 10:29:51.151 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d638c785355052420a571b2d189310f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-07 10:29:51.559 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-07 10:29:51.559 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-07 10:29:51.682 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775572191
2026-04-07 10:29:51.682 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775572191
2026-04-07 10:29:51.682 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-07 10:29:51.741 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-07 11:35:51.312 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 11:35:51.399 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 12:37:03.399 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 12:37:03.487 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 13:51:45.493 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 13:51:45.581 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 14:33:34.814 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-07 14:33:38.697 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d638c785355052420a571b2d189310f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-07 14:33:40.402 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-07 14:33:40.402 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-07 14:33:40.402 [1423] info on_timer.cpp::update No agent updates available
2026-04-07 14:33:40.402 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-07 14:33:40.637 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-07 14:33:40.637 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-07 14:33:41.413 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-07 14:33:41.848 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108490
2026-04-07 14:33:42.726 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d638c785355052420a571b2d189310f8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-07 14:33:43.469 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108490
2026-04-07 14:33:43.599 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108490
2026-04-07 14:33:45.127 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-07 14:33:45.470 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-07 14:33:45.506 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-07 14:33:45.671 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-07 14:33:45.671 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-07 14:33:45.689 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-07 15:21:46.595 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 15:21:46.682 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 15:40:19.630 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-07 15:40:19.771 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-07 15:40:19.771 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-07 15:40:19.772 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-07 15:40:20.784 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d9fb7146a1155cfa281e348414fc651a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-07 15:40:20.784 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-07 15:40:20.784 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-07 15:40:20.935 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775590820
2026-04-07 15:40:20.935 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775590820
2026-04-07 15:40:20.935 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-07 15:40:20.936 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-07 16:47:16.684 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 16:47:16.771 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 18:32:34.772 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 18:32:34.861 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 19:32:52.863 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 19:32:52.949 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 21:20:52.950 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 21:20:54.958 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-07 22:55:24.958 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-07 22:55:25.046 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 00:00:13.047 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 00:00:13.159 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 01:06:49.160 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 01:06:49.251 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 02:01:59.309 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-08 03:00:46.972 [1425] info on_nebula.cpp::handle Scan complete, duration: 3527
2026-04-08 03:00:46.973 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-08 03:00:46.975 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 03:00:47.107 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 04:37:05.109 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 04:37:05.197 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 06:08:54.210 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 06:08:54.300 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 07:00:58.807 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-08 07:00:58.812 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-08 07:00:58.816 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-08 07:00:58.816 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-08 07:00:58.817 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-08 07:00:58.817 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-08 07:01:09.952 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-08 07:01:10.965 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-08 07:01:19.491 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354340073472, \"freespace_total\": 354340073472, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720588853248, \"freespace_total\": 720588853248, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11022839808, \"free_virtual\": 8264970240, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-08 07:01:19.613 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-08 07:01:19.619 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 07:01:19.708 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 08:56:32.721 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 08:56:32.809 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 10:24:44.810 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 10:24:44.906 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 11:52:56.907 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 11:52:56.994 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 12:55:30.705 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 12:55:30.794 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 13:58:30.796 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 13:58:30.883 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 14:33:49.800 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-08 14:33:52.938 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d9fb7146a1155cfa281e348414fc651a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-08 14:33:56.488 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-08 14:33:56.953 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d9fb7146a1155cfa281e348414fc651a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-08 14:33:57.044 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-08 14:33:57.044 [1423] info on_timer.cpp::update No agent updates available
2026-04-08 14:33:57.044 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-08 14:33:57.212 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-08 14:33:57.212 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-08 14:33:57.659 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-08 14:33:57.744 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108500
2026-04-08 14:33:59.308 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108500
2026-04-08 14:33:59.308 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108500
2026-04-08 14:34:00.198 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-08 14:34:00.372 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-08 14:34:00.372 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-08 14:34:00.537 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-08 14:34:00.537 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-08 14:34:00.554 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-08 15:14:06.884 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 15:14:07.029 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 17:02:07.031 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 17:02:07.119 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 18:31:13.121 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 18:31:13.209 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 20:10:13.210 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 20:10:13.299 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 21:13:13.300 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 21:13:13.387 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-08 22:40:31.389 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-08 22:40:31.475 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 00:09:37.477 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 00:09:37.566 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 01:29:43.567 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 01:29:43.655 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 02:02:00.821 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-09 02:48:52.972 [1425] info on_nebula.cpp::handle Scan complete, duration: 2812
2026-04-09 02:48:52.978 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-09 02:48:52.979 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 02:48:53.118 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 04:29:41.119 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 04:29:41.210 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 05:48:53.218 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 05:48:54.362 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 07:00:58.402 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-09 07:00:58.407 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-09 07:00:58.407 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-09 07:00:58.407 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-09 07:00:58.408 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-09 07:00:58.412 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-09 07:01:09.553 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-09 07:01:10.567 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-09 07:01:18.978 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 350520045568, \"freespace_total\": 350520045568, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720453066752, \"freespace_total\": 720453066752, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 14151307264, \"free_virtual\": 8242950144, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-09 07:01:19.647 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-09 07:06:18.363 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 07:06:19.369 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 08:26:25.371 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 08:26:25.458 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 10:22:32.471 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 10:22:32.559 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 11:49:51.572 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 11:49:51.661 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 13:28:51.663 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 13:28:51.774 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 14:34:05.264 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-09 14:34:07.878 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d9fb7146a1155cfa281e348414fc651a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-09 14:34:09.022 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-09 14:34:09.031 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-09 14:34:09.031 [1423] info on_timer.cpp::update No agent updates available
2026-04-09 14:34:09.031 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-09 14:34:09.197 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-09 14:34:09.197 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-09 14:34:09.960 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-09 14:34:10.719 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108540
2026-04-09 14:34:10.891 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d9fb7146a1155cfa281e348414fc651a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:77", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-09 14:34:12.378 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108540
2026-04-09 14:34:12.378 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108540
2026-04-09 14:34:13.352 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-09 14:34:13.525 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-09 14:34:13.525 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-09 14:34:13.691 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-09 14:34:13.691 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-09 14:34:13.694 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-09 15:15:57.775 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 15:15:57.861 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 16:38:45.863 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 16:38:45.950 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 17:59:45.951 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 17:59:46.037 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 18:12:17.174 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-09 18:12:17.281 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-09 18:12:17.281 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-09 18:12:17.282 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-09 18:12:18.736 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a43d607ef41c73335b334f116a0d8296:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-09 18:12:18.736 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-09 18:12:18.736 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-09 18:12:18.885 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775772738
2026-04-09 18:12:18.885 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775772738
2026-04-09 18:12:18.885 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-09 18:12:18.888 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-09 19:16:16.258 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 19:16:16.345 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 21:00:40.346 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 21:00:40.436 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 22:51:23.449 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-09 22:51:23.537 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-09 23:47:45.059 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-09 23:47:45.298 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-09 23:47:45.298 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-09 23:47:45.298 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-09 23:47:46.310 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "4adfd62ef2f91aadb5d087beb6515c8f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-09 23:47:46.310 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-09 23:47:46.310 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-09 23:47:46.464 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775792866
2026-04-09 23:47:46.464 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775792866
2026-04-09 23:47:46.464 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-09 23:47:46.468 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-10 00:35:47.538 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 00:35:47.628 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 01:37:53.629 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 01:37:53.717 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 03:12:23.718 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 03:12:23.833 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 04:18:05.834 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 04:18:05.925 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 05:26:29.926 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 05:26:30.016 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 07:00:58.688 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-10 07:00:58.688 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-10 07:00:58.688 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-10 07:00:58.688 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-10 07:00:58.689 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-10 07:00:58.689 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-10 07:01:10.196 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-10 07:01:11.211 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-10 07:01:18.717 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 346067349504, \"freespace_total\": 346067349504, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720228339712, \"freespace_total\": 720228339712, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 14944382976, \"free_virtual\": 8154198016, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-10 07:01:18.832 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-10 07:01:18.842 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 07:01:18.933 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 08:36:42.935 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 08:36:43.048 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 09:44:13.050 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 09:44:13.137 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 11:07:56.151 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 11:07:56.239 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 12:55:02.241 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 12:55:02.328 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 13:29:24.984 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-10 13:29:25.094 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-10 13:29:25.094 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-10 13:29:25.098 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-10 13:29:28.426 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "b4dde6938a40e9ddd390a675fe0dae60:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-10 13:29:28.472 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-10 13:29:28.473 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-10 13:29:28.565 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775842168
2026-04-10 13:29:28.565 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775842168
2026-04-10 13:29:28.565 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-10 13:29:28.958 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-10 13:36:12.769 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-10 13:36:12.873 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-10 13:36:12.873 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-10 13:36:12.873 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-10 13:36:13.885 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ad9d46a4564608d6adf4402a775ab803:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-10 13:36:13.886 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-10 13:36:13.886 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-10 13:36:14.023 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775842573
2026-04-10 13:36:14.023 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775842573
2026-04-10 13:36:14.023 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-10 13:36:14.024 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-10 14:34:17.825 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-10 14:34:23.204 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-10 14:34:23.206 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-10 14:34:23.206 [1423] info on_timer.cpp::update No agent updates available
2026-04-10 14:34:23.206 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-10 14:34:23.371 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-10 14:34:23.371 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-10 14:34:24.129 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-10 14:34:24.212 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108570
2026-04-10 14:34:25.318 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108570
2026-04-10 14:34:25.318 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108570
2026-04-10 14:34:25.527 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-10 14:34:25.702 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-10 14:34:25.702 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-10 14:34:25.865 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-10 14:34:25.865 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-10 14:34:25.866 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-10 14:39:26.329 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 14:39:26.417 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 16:32:50.418 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 16:32:50.507 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 18:00:08.508 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 18:00:08.597 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 19:42:44.598 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 19:42:44.689 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 20:57:26.690 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 20:57:26.780 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 22:09:26.781 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 22:09:26.871 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 22:14:32.189 [1425] info client.cpp::callSync []
2026-04-10 22:14:33.291 [1425] info client.cpp::syncExclusions Updated exclusions: 906efd4d0fa99330ee7df1cafab0671a
2026-04-10 22:14:33.291 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 906efd4d0fa99330ee7df1cafab0671a
2026-04-10 22:14:33.291 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-10 22:14:33.292 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-10 22:14:33.294 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 22:14:33.380 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-10 23:52:39.382 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-10 23:52:39.493 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 00:55:39.495 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 00:55:39.582 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 02:47:15.583 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 02:47:15.671 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 04:37:04.684 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 04:37:04.771 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 06:08:52.785 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 06:08:52.879 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 07:00:15.903 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-11 07:00:16.023 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-11 07:00:16.023 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-11 07:00:16.023 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-11 07:00:17.767 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "7df70b2e652b982428de150eb24ea772:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-11 07:00:17.769 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-11 07:00:17.770 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-11 07:00:17.913 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775905217
2026-04-11 07:00:17.913 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775905217
2026-04-11 07:00:17.913 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-11 07:00:17.926 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-11 07:00:58.077 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-11 07:00:58.077 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-11 07:00:58.077 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-11 07:00:58.077 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-11 07:00:58.077 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-11 07:00:58.078 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-11 07:01:09.216 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-11 07:01:10.229 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-11 07:01:18.683 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 343458656256, \"freespace_total\": 343458656256, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720166785024, \"freespace_total\": 720166785024, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13506031616, \"free_virtual\": 8146071552, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-11 07:01:18.975 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-11 07:01:18.976 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 07:01:19.065 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 07:52:11.796 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-11 07:52:11.922 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-11 07:52:11.922 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-11 07:52:11.922 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-11 07:52:15.570 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1d921f80c51b9932577370e8ba3ea7c5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-11 07:52:15.590 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-11 07:52:15.590 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-11 07:52:15.761 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775908335
2026-04-11 07:52:15.761 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775908335
2026-04-11 07:52:15.761 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-11 07:52:15.766 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-11 08:05:46.241 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-11 08:05:46.348 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-11 08:05:46.348 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-11 08:05:46.348 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-11 08:05:48.150 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3a7b8e091e9f28ebb8bc2930768cfb75:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-11 08:05:48.150 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-11 08:05:48.150 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-11 08:05:48.302 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1775909148
2026-04-11 08:05:48.302 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1775909148
2026-04-11 08:05:48.302 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-11 08:05:48.312 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-11 08:49:19.067 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 08:49:19.180 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 10:42:43.389 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 10:42:52.394 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 12:14:40.395 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 12:14:40.484 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 13:22:10.485 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 13:22:10.575 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 14:34:30.729 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-11 14:34:36.197 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-11 14:34:36.197 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-11 14:34:36.197 [1423] info on_timer.cpp::update No agent updates available
2026-04-11 14:34:36.197 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-11 14:34:36.367 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-11 14:34:36.367 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-11 14:34:37.122 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-11 14:34:37.206 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108582
2026-04-11 14:34:38.299 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108582
2026-04-11 14:34:38.300 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108582
2026-04-11 14:34:38.509 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-11 14:34:38.684 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-11 14:34:38.684 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-11 14:34:38.851 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-11 14:34:38.851 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-11 14:34:38.855 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-11 14:39:04.961 [1425] info client.cpp::registerRefresh nebula client refresh success
2026-04-11 14:39:04.961 [1425] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-04-11 14:39:04.961 [1425] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-04-11 14:39:04.985 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 14:39:05.075 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 16:36:05.076 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 16:36:05.164 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 18:11:29.165 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 18:11:29.252 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 20:03:59.254 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 20:03:59.340 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 21:33:59.342 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 21:34:10.917 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-11 22:44:22.919 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-11 22:44:23.007 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 00:17:05.008 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 00:17:05.097 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 02:14:05.098 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 02:14:05.201 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 03:35:05.202 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 03:35:05.298 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 05:14:05.300 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 05:14:05.388 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 07:05:41.389 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 07:05:41.476 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 08:50:06.489 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 08:50:06.601 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 10:46:12.603 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 10:46:12.717 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 12:22:31.730 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 12:22:31.821 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 13:27:19.823 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 13:27:19.916 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 14:34:43.731 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-12 14:34:49.687 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-12 14:34:49.696 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-12 14:34:49.696 [1423] info on_timer.cpp::update No agent updates available
2026-04-12 14:34:49.696 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-12 14:34:49.866 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-12 14:34:49.866 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-12 14:34:50.341 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-12 14:34:51.094 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108614
2026-04-12 14:34:52.251 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108614
2026-04-12 14:34:52.251 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108614
2026-04-12 14:34:52.553 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-12 14:34:52.796 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-12 14:34:52.796 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-12 14:34:52.974 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-12 14:34:52.974 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-12 14:34:54.466 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-12 15:15:19.917 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 15:15:20.009 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 16:57:56.011 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 16:57:56.098 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 18:51:20.099 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 18:51:20.211 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 20:06:56.212 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 20:06:56.302 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 21:32:26.303 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 21:32:26.418 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-12 23:01:32.420 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-12 23:01:32.506 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 00:12:38.508 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 00:12:38.597 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 01:32:44.599 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 01:32:44.692 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 02:02:00.808 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-13 02:52:39.561 [1425] info on_nebula.cpp::handle Scan complete, duration: 3039
2026-04-13 02:52:39.581 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-13 02:52:39.582 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 02:52:39.693 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 04:52:21.911 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 04:52:21.998 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 06:04:22.041 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 06:04:22.147 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 07:00:58.328 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-13 07:00:58.338 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-13 07:00:58.340 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-13 07:00:58.340 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-13 07:00:58.341 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-13 07:00:58.341 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-13 07:01:10.474 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-13 07:01:11.488 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-13 07:01:19.927 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 337546874880, \"freespace_total\": 337546874880, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719991300096, \"freespace_total\": 719991300096, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13446324224, \"free_virtual\": 8087351296, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-13 07:01:19.988 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-13 07:01:19.989 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 07:01:20.075 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 08:12:27.099 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 08:12:27.189 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 09:44:16.202 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 09:44:16.294 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 11:02:35.307 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 11:02:35.395 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 12:02:53.594 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 12:02:53.686 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 13:04:05.687 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 13:04:05.776 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 14:26:54.197 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 14:26:54.287 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 14:34:58.573 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-13 14:35:01.298 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3a7b8e091e9f28ebb8bc2930768cfb75:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-13 14:35:04.043 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-13 14:35:04.044 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-13 14:35:04.044 [1423] info on_timer.cpp::update No agent updates available
2026-04-13 14:35:04.044 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-13 14:35:04.262 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-13 14:35:04.262 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-13 14:35:04.320 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3a7b8e091e9f28ebb8bc2930768cfb75:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-13 14:35:04.681 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-13 14:35:04.757 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108650
2026-04-13 14:35:05.863 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108650
2026-04-13 14:35:05.863 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108650
2026-04-13 14:35:06.134 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-13 14:35:06.307 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-13 14:35:06.307 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-13 14:35:06.476 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-13 14:35:06.476 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-13 14:35:06.481 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-13 16:25:42.288 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 16:25:42.374 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 16:35:03.458 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-13 16:35:03.597 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-13 16:35:03.597 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-13 16:35:03.597 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-13 16:35:04.610 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "190ff597a21435d1ebc864887c27e5ad:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-13 16:35:04.610 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-13 16:35:04.610 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-13 16:35:04.785 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776112504
2026-04-13 16:35:04.785 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776112504
2026-04-13 16:35:04.785 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-13 16:35:04.788 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-13 17:50:18.581 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 17:50:18.667 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 18:31:21.798 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-13 18:31:21.942 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-13 18:31:21.942 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-13 18:31:21.942 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-13 18:31:22.955 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1d45760d40827a156beb672372bf5b3f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-13 18:31:22.956 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-13 18:31:22.956 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-13 18:31:23.109 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776119482
2026-04-13 18:31:23.109 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776119482
2026-04-13 18:31:23.109 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-13 18:31:23.124 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-13 18:56:54.668 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 18:56:54.752 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 20:35:00.753 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 20:35:00.834 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-13 22:15:48.832 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-13 22:15:48.916 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 00:11:54.920 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 00:11:55.049 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 01:48:13.049 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 01:48:13.167 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 02:01:59.227 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-14 02:34:13.091 [1425] info on_nebula.cpp::handle Scan complete, duration: 1934
2026-04-14 02:34:13.101 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-14 02:34:13.104 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 02:34:13.218 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 04:08:44.231 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 04:08:44.310 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 05:19:50.311 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 05:19:50.395 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 07:00:58.475 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-14 07:00:58.475 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-14 07:00:58.475 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-14 07:00:58.475 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-14 07:00:58.476 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-14 07:00:58.476 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-14 07:01:06.626 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-14 07:01:07.642 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-14 07:01:16.069 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 357579550720, \"freespace_total\": 357579550720, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719882915840, \"freespace_total\": 719882915840, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11522560000, \"free_virtual\": 8080150528, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-14 07:01:16.166 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-14 07:12:20.396 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 07:12:20.481 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 08:35:08.483 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 08:35:08.572 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 10:14:09.585 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 10:14:09.670 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 11:37:52.683 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 11:37:52.770 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 11:53:29.778 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-14 11:53:29.902 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-14 11:53:29.902 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-14 11:53:29.902 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-14 11:53:30.917 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0fba856a6681fda1845f50b28bffed51:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-14 11:53:30.917 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-14 11:53:30.918 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-14 11:53:31.073 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776182010
2026-04-14 11:53:31.073 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776182010
2026-04-14 11:53:31.073 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-14 11:53:31.076 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-14 13:22:16.771 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 13:22:16.858 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 14:35:11.418 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-14 14:35:14.948 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0fba856a6681fda1845f50b28bffed51:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-14 14:35:17.912 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-14 14:35:17.912 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-14 14:35:17.912 [1423] info on_timer.cpp::update No agent updates available
2026-04-14 14:35:17.912 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-14 14:35:18.140 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-14 14:35:18.140 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-14 14:35:18.701 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-14 14:35:18.785 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108680
2026-04-14 14:35:18.963 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "0fba856a6681fda1845f50b28bffed51:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-14 14:35:19.890 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108680
2026-04-14 14:35:19.890 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108680
2026-04-14 14:35:20.190 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-14 14:35:20.366 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-14 14:35:20.366 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-14 14:35:20.558 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-14 14:35:20.558 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-14 14:35:20.560 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-14 14:48:40.859 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 14:48:40.947 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 16:15:58.949 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 16:15:59.032 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 17:43:18.046 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 17:43:18.126 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 19:08:48.127 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 19:08:48.240 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 21:01:18.241 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 21:01:18.326 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 22:04:18.224 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 22:04:18.356 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-14 23:56:48.461 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-14 23:56:53.767 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 01:28:41.769 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 01:28:41.857 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 02:01:58.061 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-15 02:41:13.657 [1425] info on_nebula.cpp::handle Scan complete, duration: 2355
2026-04-15 02:41:13.673 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-15 02:41:13.674 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 02:41:13.799 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 04:13:55.801 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 04:13:55.914 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 05:15:07.916 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 05:15:08.026 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 06:45:09.038 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 06:45:09.128 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 07:00:59.425 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-15 07:00:59.425 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-15 07:00:59.425 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-15 07:00:59.425 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-15 07:00:59.426 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-15 07:00:59.430 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-15 07:01:10.942 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-15 07:01:10.955 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-15 07:01:18.542 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354508292096, \"freespace_total\": 354508292096, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719803248640, \"freespace_total\": 719803248640, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12480565248, \"free_virtual\": 8062464000, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-15 07:01:18.651 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-15 08:22:21.129 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 08:22:21.216 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 09:48:45.217 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 09:48:45.328 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 11:08:51.330 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 11:08:51.416 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 11:22:25.136 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-15 11:22:25.247 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-15 11:22:25.247 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-15 11:22:25.256 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-15 11:22:27.432 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de8952378c160c869abaf8446d6393f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-15 11:22:27.432 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-15 11:22:27.434 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-15 11:22:27.564 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776266547
2026-04-15 11:22:27.564 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776266547
2026-04-15 11:22:27.564 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-15 11:22:27.580 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-15 12:24:28.432 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 12:24:28.542 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 14:07:58.544 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 14:07:58.629 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 14:35:25.333 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-15 14:35:26.772 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de8952378c160c869abaf8446d6393f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-15 14:35:29.622 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-15 14:35:29.628 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-15 14:35:29.628 [1423] info on_timer.cpp::update No agent updates available
2026-04-15 14:35:29.628 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-15 14:35:29.906 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-15 14:35:29.906 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-15 14:35:30.492 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-15 14:35:30.610 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108720
2026-04-15 14:35:30.799 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de8952378c160c869abaf8446d6393f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-15 14:35:32.794 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108720
2026-04-15 14:35:32.794 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108720
2026-04-15 14:35:33.278 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-15 14:35:33.461 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-15 14:35:33.462 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-15 14:35:33.658 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-15 14:35:33.658 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-15 14:35:33.663 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-15 14:35:34.818 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de8952378c160c869abaf8446d6393f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-15 15:31:40.630 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 15:31:40.720 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 17:10:40.721 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 17:10:40.840 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 18:07:12.163 [1425] info client.cpp::callSync []
2026-04-15 18:07:13.291 [1425] info client.cpp::syncExclusions Updated exclusions: c3170f8a8f976193dccc602f9297e281
2026-04-15 18:07:13.291 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: c3170f8a8f976193dccc602f9297e281
2026-04-15 18:07:13.291 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-15 18:07:13.292 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-15 18:07:13.295 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 18:07:13.383 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 20:01:32.396 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 20:01:32.484 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 21:25:15.497 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 21:25:15.583 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-15 23:09:39.585 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-15 23:09:39.698 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 00:55:52.710 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 00:55:52.798 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 02:01:58.884 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-16 02:13:47.159 [1425] info on_nebula.cpp::handle Scan complete, duration: 709
2026-04-16 02:13:47.161 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-16 02:13:47.162 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 02:13:47.281 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 03:28:30.294 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 03:28:30.412 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 04:51:18.618 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 04:51:18.788 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 06:01:31.009 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 06:01:31.103 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 07:00:59.129 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-16 07:00:59.134 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-16 07:00:59.134 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-16 07:00:59.134 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-16 07:00:59.135 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-16 07:00:59.135 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-16 07:01:08.276 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-16 07:01:09.290 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-16 07:01:16.885 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 353776046080, \"freespace_total\": 353776046080, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719700959232, \"freespace_total\": 719700959232, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9104691200, \"free_virtual\": 8076865536, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-16 07:01:16.957 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-16 07:04:47.159 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de8952378c160c869abaf8446d6393f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-16 07:04:51.215 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de8952378c160c869abaf8446d6393f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-16 07:18:55.103 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 07:18:55.192 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 09:02:25.193 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 09:02:25.283 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 09:16:50.761 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-16 09:16:50.999 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-16 09:16:50.999 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-16 09:16:51.000 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-16 09:16:52.125 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d7dc105d569d0430e8958307abf70711:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-16 09:16:52.125 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-16 09:16:52.126 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-16 09:16:52.271 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776345412
2026-04-16 09:16:52.271 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776345412
2026-04-16 09:16:52.271 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-16 09:16:52.273 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-16 10:04:31.709 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 10:04:31.821 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 11:55:13.822 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 11:55:13.909 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 13:09:01.911 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 13:09:01.994 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 14:35:38.321 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-16 14:35:43.745 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-16 14:35:43.745 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-16 14:35:43.745 [1423] info on_timer.cpp::update No agent updates available
2026-04-16 14:35:43.745 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-16 14:35:43.907 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-16 14:35:43.907 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-16 14:35:44.629 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-16 14:35:44.728 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108750
2026-04-16 14:35:45.655 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108750
2026-04-16 14:35:45.655 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108750
2026-04-16 14:35:45.793 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-16 14:35:45.969 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-16 14:35:45.969 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-16 14:35:46.132 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-16 14:35:46.132 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-16 14:35:46.134 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-16 14:41:43.996 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 14:41:44.107 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 15:52:50.108 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 15:52:50.192 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 17:48:56.193 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 17:48:56.276 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 19:14:27.290 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 19:14:27.378 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 20:50:46.392 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 20:50:46.508 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 22:27:04.511 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 22:27:04.596 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-16 23:44:28.598 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-16 23:44:28.686 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 01:04:34.687 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 01:04:34.774 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 02:02:00.937 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-17 02:13:29.752 [1425] info on_nebula.cpp::handle Scan complete, duration: 689
2026-04-17 02:13:29.760 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-17 02:13:29.761 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 02:13:29.891 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 03:47:06.321 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 03:47:06.412 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 05:37:48.414 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 05:37:48.621 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 06:32:50.709 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 06:32:50.885 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 06:32:50.886 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 06:32:50.891 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 06:32:51.904 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e63c0498bad2e719364ce931c7c2d92e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 06:32:51.906 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 06:32:51.907 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 06:32:52.059 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776421971
2026-04-17 06:32:52.059 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776421971
2026-04-17 06:32:52.059 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 06:32:52.061 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 07:01:00.946 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-17 07:01:00.946 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-17 07:01:00.946 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-17 07:01:00.946 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 07:01:00.946 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-17 07:01:00.947 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-17 07:01:11.080 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-17 07:01:12.097 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-17 07:01:20.484 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354317471744, \"freespace_total\": 354317471744, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719546986496, \"freespace_total\": 719546986496, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10746572800, \"free_virtual\": 8101769216, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-17 07:01:20.537 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-17 07:37:30.622 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 07:37:30.706 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 09:30:54.707 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 09:30:54.792 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 10:35:38.600 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 10:35:38.745 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 10:35:38.745 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 10:35:38.745 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 10:35:41.302 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ff3ca07d0f64f04a6d434fd0b4bcd222:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 10:35:41.302 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 10:35:41.302 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 10:35:41.455 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776436541
2026-04-17 10:35:41.455 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776436541
2026-04-17 10:35:41.455 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 10:35:41.456 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 10:49:57.285 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 10:49:58.594 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 10:49:58.594 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 10:49:58.594 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 10:49:59.607 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e45a191429f2abb1d8280eed39a6bd9a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 10:49:59.607 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 10:49:59.607 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 10:49:59.724 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776437399
2026-04-17 10:49:59.724 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776437399
2026-04-17 10:49:59.724 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 10:49:59.725 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 11:21:36.793 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 11:21:36.880 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 12:09:18.832 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 12:09:18.947 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 12:09:18.947 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 12:09:18.947 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 12:09:21.464 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e0eacf6ef6c9300b3c88b5a948fceddc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 12:09:21.464 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 12:09:21.465 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 12:09:21.613 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776442161
2026-04-17 12:09:21.613 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776442161
2026-04-17 12:09:21.613 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 12:09:21.614 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 12:44:17.436 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 12:44:18.213 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 12:44:18.213 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 12:44:18.213 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 12:44:19.226 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ec0e41d8f8fd417181a202e57e8b61da:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 12:44:19.226 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 12:44:19.226 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 12:44:19.362 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776444259
2026-04-17 12:44:19.363 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776444259
2026-04-17 12:44:19.363 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 12:44:19.368 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 13:18:37.522 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 13:18:37.610 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 13:21:05.774 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 13:21:05.910 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 13:21:05.910 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 13:21:05.910 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 13:21:06.923 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d9d64428af3a51adcf59793bcf34f465:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 13:21:06.923 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 13:21:06.923 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 13:21:07.032 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776446466
2026-04-17 13:21:07.033 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776446466
2026-04-17 13:21:07.033 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 13:21:07.033 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 13:33:07.646 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-17 13:33:07.805 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-17 13:33:07.805 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-17 13:33:07.805 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-17 13:33:09.413 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d0ecb6ee86eee466663889557fb55b91:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-17 13:33:09.413 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-17 13:33:09.413 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-17 13:33:09.580 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776447189
2026-04-17 13:33:09.580 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776447189
2026-04-17 13:33:09.580 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-17 13:33:09.581 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-17 14:34:13.839 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 14:34:13.930 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 14:35:50.437 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-17 14:35:56.840 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-17 14:35:56.971 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-17 14:35:56.971 [1423] info on_timer.cpp::update No agent updates available
2026-04-17 14:35:56.971 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-17 14:35:57.151 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-17 14:35:57.151 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-17 14:35:57.527 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-17 14:35:57.604 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108780
2026-04-17 14:35:58.815 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108780
2026-04-17 14:35:58.815 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108780
2026-04-17 14:35:59.014 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-17 14:35:59.214 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-17 14:35:59.215 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-17 14:35:59.376 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-17 14:35:59.376 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-17 14:35:59.377 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-17 16:06:55.931 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 16:06:56.020 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 17:20:44.021 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 17:20:44.108 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 18:55:15.121 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 18:55:15.208 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 20:49:33.209 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 20:49:33.297 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 22:06:03.300 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 22:06:03.379 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-17 23:47:45.380 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-17 23:47:45.463 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 01:15:03.464 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 01:15:03.553 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 02:01:59.583 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-18 02:08:59.737 [1425] info on_nebula.cpp::handle Scan complete, duration: 420
2026-04-18 02:08:59.739 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-18 02:08:59.740 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 02:08:59.872 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 03:28:12.081 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 03:28:12.165 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 04:47:24.780 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 04:47:37.028 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 06:23:55.235 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 06:23:55.323 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 07:24:57.716 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-18 07:25:03.944 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-18 07:25:03.945 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-18 07:25:03.945 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-18 07:25:04.959 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9821acd6f593cd45c57d8ca36a5ad422:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-18 07:25:04.960 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-18 07:25:04.960 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-18 07:25:05.132 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776511504
2026-04-18 07:25:05.132 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776511504
2026-04-18 07:25:05.132 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-18 07:25:05.135 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-18 08:20:56.337 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 08:20:56.425 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 09:56:20.427 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 09:56:20.544 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 10:58:26.545 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 10:58:26.635 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 12:07:44.637 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 12:07:44.776 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 13:09:50.777 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 13:09:50.861 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 14:36:04.123 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-18 14:36:08.043 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9821acd6f593cd45c57d8ca36a5ad422:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-18 14:36:10.614 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-18 14:36:10.614 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-18 14:36:10.614 [1423] info on_timer.cpp::update No agent updates available
2026-04-18 14:36:10.614 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-18 14:36:10.838 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-18 14:36:10.838 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-18 14:36:11.300 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-18 14:36:11.499 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108814
2026-04-18 14:36:12.543 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108814
2026-04-18 14:36:12.543 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108814
2026-04-18 14:36:12.816 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-18 14:36:13.000 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-18 14:36:13.000 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-18 14:36:13.169 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-18 14:36:13.169 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-18 14:36:13.171 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-18 14:36:14.862 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 14:36:14.951 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 14:36:31.010 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9821acd6f593cd45c57d8ca36a5ad422:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-18 16:09:50.953 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 16:09:51.040 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 16:24:14.494 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-18 16:24:16.020 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-18 16:24:16.021 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-18 16:24:16.021 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-18 16:24:17.068 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9e62870156829c6a555ebfdc24dfa1e7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-18 16:24:17.068 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-18 16:24:17.068 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-18 16:24:17.205 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776543857
2026-04-18 16:24:17.205 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776543857
2026-04-18 16:24:17.205 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-18 16:24:17.208 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-18 17:44:21.041 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 17:44:21.124 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 17:54:06.305 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-18 17:54:06.775 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-18 17:54:06.775 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-18 17:54:06.775 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-18 17:54:09.452 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "63ac34d631131b0eef8dc21ccbbc1e8c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-18 17:54:09.452 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-18 17:54:09.453 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-18 17:54:09.567 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776549249
2026-04-18 17:54:09.567 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776549249
2026-04-18 17:54:09.567 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-18 17:54:09.568 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-18 19:34:10.138 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 19:34:10.278 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 20:45:16.279 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 20:45:16.366 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 21:51:51.401 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 21:51:51.483 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-18 21:58:22.349 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-18 21:58:22.642 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-18 21:58:22.642 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-18 21:58:22.642 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-18 21:58:23.655 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9eca70239458946ccb3800bc5edec987:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-18 21:58:23.655 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-18 21:58:23.655 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-18 21:58:23.948 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776563903
2026-04-18 21:58:23.948 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776563903
2026-04-18 21:58:23.948 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-18 21:58:23.949 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-18 23:02:58.450 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-18 23:02:58.564 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 00:59:04.564 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 00:59:04.650 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 02:52:28.652 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 02:52:28.736 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 04:20:40.737 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 04:20:40.826 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 06:04:10.827 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 06:04:10.915 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 07:01:00.949 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-19 07:01:00.949 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-19 07:01:00.949 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-19 07:01:00.949 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-19 07:01:00.950 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-19 07:01:00.950 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-19 07:01:13.100 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-19 07:01:14.114 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-19 07:01:22.470 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 355207868416, \"freespace_total\": 355207868416, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719454326784, \"freespace_total\": 719454326784, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7521198080, \"free_virtual\": 8192385024, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-19 07:01:22.502 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-19 07:19:46.916 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 07:19:47.058 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 08:51:35.059 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 08:51:35.183 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 10:26:59.185 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 10:26:59.273 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 10:50:08.649 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-19 10:50:08.785 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-19 10:50:08.785 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-19 10:50:08.785 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-19 10:50:11.629 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "42d543940e2300b070ccdd05811c1e59:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-19 10:50:11.630 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-19 10:50:11.630 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-19 10:50:11.764 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776610211
2026-04-19 10:50:11.764 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776610211
2026-04-19 10:50:11.764 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-19 10:50:11.765 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-19 12:05:05.274 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 12:05:05.366 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 13:28:48.380 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 13:28:48.469 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 14:36:17.206 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-19 14:36:22.483 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "42d543940e2300b070ccdd05811c1e59:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-19 14:36:23.652 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-19 14:36:23.653 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-19 14:36:23.653 [1423] info on_timer.cpp::update No agent updates available
2026-04-19 14:36:23.653 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-19 14:36:23.816 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-19 14:36:23.816 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-19 14:36:24.490 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-19 14:36:24.607 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108854
2026-04-19 14:36:25.549 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108854
2026-04-19 14:36:25.550 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108854
2026-04-19 14:36:25.654 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-19 14:36:25.852 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-19 14:36:25.852 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-19 14:36:26.011 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-19 14:36:26.011 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-19 14:36:26.014 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-19 14:36:26.499 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "42d543940e2300b070ccdd05811c1e59:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-19 15:06:54.470 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 15:06:54.558 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 16:01:02.063 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-19 16:01:02.210 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-19 16:01:02.210 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-19 16:01:02.210 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-19 16:01:03.443 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "905f042bd4665acf5bcb6176f8b4a1f4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-19 16:01:03.443 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-19 16:01:03.444 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-19 16:01:03.542 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776628863
2026-04-19 16:01:03.542 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776628863
2026-04-19 16:01:03.542 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-19 16:01:03.543 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-19 16:48:37.572 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 16:48:37.660 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 18:04:13.661 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 18:04:13.742 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 19:05:26.756 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 19:05:26.841 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 20:24:39.275 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 20:24:46.359 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-19 22:16:22.360 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-19 22:16:22.470 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 00:11:34.471 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 00:11:34.559 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 01:16:22.561 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 01:16:22.669 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 02:01:58.804 [1425] info on_nebula.cpp::handle Performing threat scan
2026-04-20 02:06:55.383 [1425] info on_nebula.cpp::handle Scan complete, duration: 297
2026-04-20 02:06:55.385 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-20 02:06:55.386 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 02:06:55.564 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 03:58:31.779 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 03:58:31.888 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 05:44:43.889 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 05:44:43.973 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 06:45:01.974 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 06:45:02.062 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 07:00:59.387 [1425] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-20 07:00:59.387 [1425] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-20 07:00:59.387 [1425] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-20 07:00:59.387 [1425] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-20 07:00:59.388 [1425] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-20 07:00:59.389 [1425] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-20 07:01:08.714 [1425] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-20 07:01:08.746 [1425] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-20 07:01:16.888 [1425] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354412257280, \"freespace_total\": 354412257280, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719292059648, \"freespace_total\": 719292059648, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 15370125312, \"free_virtual\": 8175144960, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-20 07:01:16.959 [1425] info schedule_store.cpp::save Saved nebula schedules
2026-04-20 08:17:44.063 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 08:17:44.143 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 10:12:56.144 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 10:12:56.232 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 11:24:02.233 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 11:24:02.317 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 11:50:15.441 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-20 11:50:15.582 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-20 11:50:15.582 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-20 11:50:15.582 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-20 11:50:18.655 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "dae2190e061692e1ddd4ddb03879ecac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-20 11:50:18.656 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-20 11:50:18.656 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-20 11:50:18.864 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776700218
2026-04-20 11:50:18.864 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776700218
2026-04-20 11:50:18.864 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-20 11:50:18.865 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-20 12:32:26.318 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 12:32:26.404 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 13:34:16.035 [1425] info client.cpp::sync Command received : event.policy.refresh
2026-04-20 13:34:16.162 [1425] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-20 13:34:16.162 [1425] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-20 13:34:16.162 [1425] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-20 13:34:17.459 [1425] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d35a7d5397ede608f4b45ac560b05ec9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-20 13:34:17.459 [1425] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-20 13:34:17.459 [1425] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-20 13:34:17.596 [1425] info client.cpp::syncExclusions Updated exclusions: nebula-1776706457
2026-04-20 13:34:17.596 [1425] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776706457
2026-04-20 13:34:17.596 [1425] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-20 13:34:17.597 [1425] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-20 14:26:44.406 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 14:26:44.493 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 14:36:30.076 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 14:36:35.473 [1423] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-20 14:36:35.478 [1423] info update.cpp::launchAgentUpdate No agent updates available
2026-04-20 14:36:35.478 [1423] info on_timer.cpp::update No agent updates available
2026-04-20 14:36:35.478 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 14:36:35.645 [1423] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-20 14:36:35.645 [1423] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-20 14:36:36.159 [1423] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-20 14:36:36.234 [1423] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108898
2026-04-20 14:36:37.357 [1423] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108898
2026-04-20 14:36:37.357 [1423] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108898
2026-04-20 14:36:37.451 [1423] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-20 14:36:37.724 [1423] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-20 14:36:37.724 [1423] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 14:36:37.885 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-20 14:36:37.885 [1423] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-20 14:36:37.887 [1423] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-20 15:37:50.495 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 15:37:50.581 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 17:28:32.582 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 17:28:32.666 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 18:40:32.667 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 18:40:32.774 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 20:31:14.775 [1425] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 20:31:14.862 [1425] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 21:50:29.878 [1422] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-04-20 21:50:30.552 [1426] info communicator.cpp::processor processing exited
2026-04-20 21:50:46.879 [1007] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-04-20 21:50:46.879 [1007] warn plugin_manager.cpp::finalize failed to kill plugin epa.linux.plugin.edr
2026-04-20 21:50:46.879 [1007] warn plugin_manager.cpp::finalize OSError at /src/nebula/plugin_manager.cpp:515 ()
2026-04-20 21:50:47.879 [1007] info mbdaemon.cpp::main Exiting Main - 0
2026-04-20 21:50:47.919 [92214] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.89 **************
2026-04-20 21:50:47.922 [92214] info mbdaemon.cpp::main logLevel is info
2026-04-20 21:50:47.922 [92214] info mbdaemon.cpp::main syslogLevel is warn
2026-04-20 21:50:47.922 [92214] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-04-20 21:50:47.922 [92214] info sirius.cpp::initialize Setting Sirius channel: release
2026-04-20 21:50:47.997 [92214] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-04-20 21:50:48.038 [92214] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-04-20 21:50:48.225 [92214] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-20 21:50:48.225 [92232] info telemetry_controller.cpp::processTelemetryData processing starting
2026-04-20 21:50:48.225 [92236] info communicator.cpp::processor processing starting
2026-04-20 21:50:50.243 [92235] info client.cpp::initialize Upgrade detected from mblinux/1.1.88 to mblinux/1.1.89
2026-04-20 21:50:50.244 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-20 21:50:50.244 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-20 21:50:50.244 [92235] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.ars
2026-04-20 21:50:50.244 [92235] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 21:50:50.403 [92235] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-20 21:50:50.404 [92235] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.ars, using old version
2026-04-20 21:50:50.404 [92235] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-04-20 21:50:50.408 [92235] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-04-20 21:50:50.408 [92235] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 21:50:50.558 [92235] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-20 21:50:50.558 [92235] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-04-20 21:50:50.558 [92235] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-04-20 21:50:50.564 [92235] info schedule_store.cpp::load Loaded nebula schedules
2026-04-20 21:50:50.661 [92235] info client.cpp::callSync []
2026-04-20 21:50:51.226 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 21:50:51.665 [92235] info client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2026-04-20 21:50:51.666 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-20 21:50:51.666 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-20 21:50:51.666 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-20 21:50:51.666 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-20 21:50:51.666 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-20 21:50:57.504 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-20 21:50:57.505 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-20 21:50:57.505 [92233] info on_timer.cpp::update No agent updates available
2026-04-20 21:50:57.505 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-20 21:50:57.651 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-20 21:50:57.651 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-20 21:50:58.392 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-20 21:50:58.476 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108908
2026-04-20 21:50:59.402 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108908
2026-04-20 21:50:59.402 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108908
2026-04-20 21:50:59.539 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-20 21:50:59.768 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-20 21:51:02.736 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-20 21:51:03.745 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-20 21:51:11.048 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 355009306624, \"freespace_total\": 355009306624, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719266402304, \"freespace_total\": 719266402304, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 15498448896, \"free_virtual\": 8177504256, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-20 21:51:11.068 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d35a7d5397ede608f4b45ac560b05ec9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-20 21:51:11.147 [92235] info client.cpp::syncExclusions Updated exclusions: 2ab6658bde9a77c9b32b9711c3898266
2026-04-20 21:51:11.156 [92235] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-04-20 21:51:11.156 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 21:51:11.258 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-20 21:51:15.268 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d35a7d5397ede608f4b45ac560b05ec9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-20 21:51:15.268 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 2ab6658bde9a77c9b32b9711c3898266
2026-04-20 21:51:15.268 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-20 21:51:15.269 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-20 23:25:41.745 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-20 23:25:41.814 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 01:01:05.819 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 01:01:05.889 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 02:01:58.987 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-21 02:06:07.123 [92235] info on_nebula.cpp::handle Scan complete, duration: 249
2026-04-21 02:06:07.125 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-21 02:06:07.126 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 02:06:07.192 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 03:24:25.193 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 03:24:25.259 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 04:40:01.261 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 04:40:01.330 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 05:46:37.332 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 05:46:37.401 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 07:00:58.542 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-21 07:00:58.542 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-21 07:00:58.542 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-21 07:00:58.542 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-21 07:00:58.543 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-21 07:00:58.543 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-21 07:01:10.662 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-21 07:01:11.675 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-21 07:01:19.064 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 353563000832, \"freespace_total\": 353563000832, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719205920768, \"freespace_total\": 719205920768, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8768888832, \"free_virtual\": 8169402368, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-21 07:01:19.109 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-21 07:38:14.413 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 07:38:14.473 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 09:15:26.474 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 09:15:26.546 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 09:46:15.802 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-21 09:46:16.059 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-21 09:46:16.059 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-21 09:46:16.059 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-21 09:46:17.071 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "825b357761f2ea09f7b04c9358bdabae:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-21 09:46:17.072 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-21 09:46:17.072 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-21 09:46:17.161 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1776779177
2026-04-21 09:46:17.161 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776779177
2026-04-21 09:46:17.161 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-21 09:46:17.162 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-21 11:07:03.560 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 11:07:03.624 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 12:20:52.640 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 12:20:52.705 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 14:16:58.704 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 14:16:58.764 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 15:05:45.666 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-21 15:05:58.984 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-21 15:05:59.232 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-21 15:05:59.232 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-21 15:05:59.243 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "55699d8b46b8a7ebc2a104f507d8b0af:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-21 15:05:59.244 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-21 15:05:59.244 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-21 15:05:59.416 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1776798359
2026-04-21 15:05:59.418 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776798359
2026-04-21 15:05:59.418 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-21 15:05:59.427 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-21 15:18:10.765 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 15:18:10.837 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 16:32:52.838 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 16:32:52.902 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 18:04:40.903 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 18:04:40.962 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 19:48:10.963 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 19:48:11.035 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 21:29:00.047 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 21:29:00.113 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-21 21:51:03.992 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-21 21:51:09.341 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-21 21:51:09.342 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-21 21:51:09.342 [92233] info on_timer.cpp::update No agent updates available
2026-04-21 21:51:09.342 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-21 21:51:09.491 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-21 21:51:09.491 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-21 21:51:10.298 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-21 21:51:10.392 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108938
2026-04-21 21:51:11.331 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108938
2026-04-21 21:51:11.331 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108938
2026-04-21 21:51:11.798 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-21 21:51:11.989 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-21 21:51:11.989 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-21 21:51:12.135 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-21 21:51:12.135 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-21 21:51:12.142 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-21 23:28:42.113 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-21 23:28:42.179 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 00:42:31.192 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 00:42:31.263 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 01:42:50.275 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 01:42:50.382 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 02:02:00.635 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-22 02:06:56.273 [92235] info on_nebula.cpp::handle Scan complete, duration: 296
2026-04-22 02:06:56.275 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-22 02:06:56.276 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 02:06:56.347 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 03:40:33.359 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 03:40:33.425 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 04:24:42.957 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-22 04:24:43.233 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-22 04:24:43.233 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-22 04:24:43.233 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-22 04:24:45.757 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "94b156fba7062cd3d28bc895dbb79de2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-22 04:24:45.758 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-22 04:24:45.758 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-22 04:24:45.839 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1776846285
2026-04-22 04:24:45.839 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776846285
2026-04-22 04:24:45.839 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-22 04:24:45.840 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-22 05:06:57.425 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 05:06:57.491 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 06:47:45.492 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 06:47:45.564 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 07:01:00.725 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-22 07:01:00.725 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-22 07:01:00.725 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-22 07:01:00.725 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-22 07:01:00.725 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-22 07:01:00.725 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-22 07:01:12.868 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-22 07:01:13.881 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-22 07:01:22.247 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 349612527616, \"freespace_total\": 349612527616, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719095517184, \"freespace_total\": 719095517184, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9588133888, \"free_virtual\": 8165208064, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-22 07:01:22.288 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-22 07:01:22.289 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 07:01:22.362 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 08:55:41.375 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 08:55:41.445 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 10:41:54.457 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 10:41:58.662 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 12:13:32.605 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-22 12:13:32.703 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-22 12:13:32.703 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-22 12:13:32.703 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-22 12:13:34.024 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "23f824db08d4367982643411fdf7c31b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-22 12:13:34.025 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-22 12:13:34.025 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-22 12:13:34.100 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1776874414
2026-04-22 12:13:34.100 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776874414
2026-04-22 12:13:34.100 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-22 12:13:34.101 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-22 12:38:04.861 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 12:38:04.935 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 14:23:22.937 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 14:23:23.042 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 15:23:41.044 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 15:23:41.115 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 17:17:05.116 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 17:17:05.182 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 18:25:29.184 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 18:25:29.249 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 20:03:35.253 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 20:03:35.323 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 21:35:23.323 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 21:35:23.396 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-22 21:51:16.442 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-22 21:51:20.792 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-22 21:51:20.792 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-22 21:51:20.792 [92233] info on_timer.cpp::update No agent updates available
2026-04-22 21:51:20.792 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-22 21:51:20.940 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-22 21:51:20.940 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-22 21:51:21.333 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-22 21:51:21.418 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108972
2026-04-22 21:51:22.349 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108972
2026-04-22 21:51:22.349 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108972
2026-04-22 21:51:22.450 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-22 21:51:22.643 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-22 21:51:22.643 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-22 21:51:22.785 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-22 21:51:22.785 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-22 21:51:22.786 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-22 22:38:23.398 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-22 22:38:23.464 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 00:20:59.465 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 00:20:59.535 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 02:01:59.779 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-23 02:08:14.603 [92235] info on_nebula.cpp::handle Scan complete, duration: 375
2026-04-23 02:08:14.614 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-23 02:08:14.615 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 02:08:14.686 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 03:56:14.687 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 03:56:14.753 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 05:28:03.770 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 05:28:03.914 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 05:58:59.146 [92235] info client.cpp::callSync []
2026-04-23 05:59:00.226 [92235] info client.cpp::syncExclusions Updated exclusions: 8f6f2cdf2e177b68f765434a2c562def
2026-04-23 05:59:00.226 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 8f6f2cdf2e177b68f765434a2c562def
2026-04-23 05:59:00.226 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-23 05:59:00.227 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-23 05:59:00.229 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 05:59:00.301 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 07:01:00.481 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-23 07:01:00.481 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-23 07:01:00.481 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-23 07:01:00.481 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-23 07:01:00.482 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-23 07:01:00.482 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-23 07:01:12.613 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-23 07:01:13.626 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-23 07:01:21.974 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 347123511296, \"freespace_total\": 347123511296, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718907494400, \"freespace_total\": 718907494400, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11162886144, \"free_virtual\": 8167305216, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-23 07:01:22.003 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-23 07:01:22.004 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 07:01:22.068 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 09:01:58.069 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 09:01:58.142 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 10:58:04.143 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 10:58:04.209 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 12:04:40.210 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 12:04:40.270 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 13:25:40.271 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 13:25:40.341 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 14:50:17.355 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 14:50:17.420 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 16:01:24.434 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 16:01:24.504 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 17:26:54.505 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 17:26:54.576 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 19:00:31.593 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 19:00:31.659 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 19:08:50.722 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-23 19:08:50.914 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-23 19:08:50.914 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-23 19:08:50.914 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-23 19:08:50.931 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2fe0d806354f5aba847cb846dcd41144:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-23 19:08:50.932 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-23 19:08:50.932 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-23 19:08:51.024 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1776985730
2026-04-23 19:08:51.024 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1776985730
2026-04-23 19:08:51.024 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-23 19:08:51.025 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-23 20:52:07.660 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 20:52:07.729 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-23 21:51:27.523 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-23 21:51:29.620 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2fe0d806354f5aba847cb846dcd41144:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-23 21:51:34.014 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-23 21:51:34.014 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-23 21:51:34.014 [92233] info on_timer.cpp::update No agent updates available
2026-04-23 21:51:34.014 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-23 21:51:34.166 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-23 21:51:34.166 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-23 21:51:34.671 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-23 21:51:34.875 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108986
2026-04-23 21:51:35.921 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108986
2026-04-23 21:51:35.921 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108986
2026-04-23 21:51:36.033 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-23 21:51:36.275 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-23 21:51:36.275 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-23 21:51:36.417 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-23 21:51:36.417 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-23 21:51:36.418 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-23 21:51:39.432 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2fe0d806354f5aba847cb846dcd41144:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-23 22:28:25.732 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-23 22:28:25.804 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 00:20:55.805 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 00:20:55.876 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 02:01:59.948 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-24 02:11:29.890 [92235] info on_nebula.cpp::handle Scan complete, duration: 570
2026-04-24 02:11:29.903 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-24 02:11:29.904 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 02:11:29.975 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 03:29:47.977 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 03:29:48.042 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 05:30:24.043 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 05:30:24.114 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 06:35:12.116 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 06:35:12.180 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 07:01:00.327 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-24 07:01:00.327 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-24 07:01:00.328 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-24 07:01:00.328 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-24 07:01:00.328 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-24 07:01:00.328 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-24 07:01:10.461 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-24 07:01:10.474 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-24 07:01:18.816 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 343934644224, \"freespace_total\": 343934644224, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718811201536, \"freespace_total\": 718811201536, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13391802368, \"free_virtual\": 8168353792, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-24 07:01:18.868 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-24 08:05:12.182 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 08:05:12.254 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 09:05:30.266 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 09:05:30.356 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 10:40:54.357 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 10:40:54.424 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 11:46:36.128 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-24 11:46:36.224 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-24 11:46:36.224 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-24 11:46:36.224 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-24 11:46:37.882 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3a0cb272039a4538c9559782499d1618:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-24 11:46:37.883 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-24 11:46:37.883 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-24 11:46:37.968 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777045597
2026-04-24 11:46:37.968 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777045597
2026-04-24 11:46:37.968 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-24 11:46:37.971 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-24 12:03:42.425 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 12:03:42.499 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 13:12:06.500 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 13:12:06.586 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 13:28:15.306 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-24 13:28:15.441 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-24 13:28:15.441 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-24 13:28:15.441 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-24 13:28:19.094 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2c99977c9da35430d51f62f9a9f58807:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-24 13:28:20.106 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-24 13:28:20.107 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-24 13:28:20.179 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777051700
2026-04-24 13:28:20.179 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777051700
2026-04-24 13:28:20.179 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-24 13:28:20.184 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-24 14:39:07.847 [92235] info client.cpp::registerRefresh nebula client refresh success
2026-04-24 14:39:07.847 [92235] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-04-24 14:39:07.847 [92235] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-04-24 14:39:07.868 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 14:39:07.932 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 16:09:07.934 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 16:09:07.998 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 18:04:19.999 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 18:04:20.065 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 19:22:38.066 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 19:22:38.131 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 21:05:15.145 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 21:05:15.212 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-24 21:51:40.780 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-24 21:51:45.722 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2c99977c9da35430d51f62f9a9f58807:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-24 21:51:47.132 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-24 21:51:47.132 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-24 21:51:47.132 [92233] info on_timer.cpp::update No agent updates available
2026-04-24 21:51:47.132 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-24 21:51:47.280 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-24 21:51:47.280 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-24 21:51:47.540 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-24 21:51:47.721 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109014
2026-04-24 21:51:48.655 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109014
2026-04-24 21:51:48.655 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109014
2026-04-24 21:51:48.745 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-24 21:51:49.017 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-24 21:51:49.018 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-24 21:51:49.159 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-24 21:51:49.159 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-24 21:51:49.160 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-24 21:51:53.754 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2c99977c9da35430d51f62f9a9f58807:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-24 22:52:21.215 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-24 22:52:21.289 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 00:16:04.303 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 00:16:04.374 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 01:47:52.375 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 01:47:52.436 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 03:33:10.435 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 03:33:10.507 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 05:21:10.508 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 05:21:10.579 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 06:24:10.581 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 06:24:10.648 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 07:00:59.893 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-25 07:00:59.893 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-25 07:00:59.893 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-25 07:00:59.893 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-25 07:00:59.893 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-25 07:00:59.893 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-25 07:01:09.032 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-25 07:01:10.046 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-25 07:01:18.426 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 341843488768, \"freespace_total\": 341843488768, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719162933248, \"freespace_total\": 719162933248, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13243543552, \"free_virtual\": 8168353792, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-25 07:01:18.466 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-25 07:01:18.467 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 07:01:18.535 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 08:18:42.536 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 08:18:42.637 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 08:33:21.002 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-25 08:33:21.096 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-25 08:33:21.096 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-25 08:33:21.096 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-25 08:33:23.528 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-25 08:33:23.530 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-25 08:33:23.530 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-25 08:33:23.601 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777120403
2026-04-25 08:33:23.601 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777120403
2026-04-25 08:33:23.601 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-25 08:33:23.604 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-25 09:28:55.650 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 09:28:55.723 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 10:43:37.724 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 10:43:37.796 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 12:18:08.811 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 12:18:08.881 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 13:30:08.882 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 13:30:08.957 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 14:51:08.959 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 14:51:09.030 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 16:07:40.043 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 16:07:40.112 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 17:41:16.114 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 17:41:16.182 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 18:57:46.183 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 18:57:46.257 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 20:34:04.259 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 20:34:04.331 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 21:51:54.037 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-25 21:51:56.324 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-25 21:52:00.411 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-25 21:52:00.411 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-25 21:52:00.411 [92233] info on_timer.cpp::update No agent updates available
2026-04-25 21:52:00.411 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-25 21:52:00.560 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-25 21:52:00.560 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-25 21:52:01.175 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-25 21:52:01.263 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109032
2026-04-25 21:52:02.206 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109032
2026-04-25 21:52:02.206 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109032
2026-04-25 21:52:02.351 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-25 21:52:02.542 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-25 21:52:02.542 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-25 21:52:02.685 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-25 21:52:02.685 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-25 21:52:02.686 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-25 21:52:04.353 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-25 21:52:22.208 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 21:52:22.304 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-25 23:03:28.420 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-25 23:03:28.492 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 00:41:34.498 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 00:41:34.571 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 02:32:17.584 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 02:32:17.650 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 04:20:18.663 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 04:20:18.735 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 06:07:24.736 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 06:07:24.801 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 07:00:58.913 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-26 07:00:58.913 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-26 07:00:58.913 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-26 07:00:58.913 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-26 07:00:58.914 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-26 07:00:58.914 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-26 07:01:08.051 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-26 07:01:09.069 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-26 07:01:13.445 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 339903594496, \"freespace_total\": 339903594496, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 719110934528, \"freespace_total\": 719110934528, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9711288320, \"free_virtual\": 8167124992, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-26 07:01:13.480 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-26 07:32:54.802 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 07:32:54.873 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 08:37:42.875 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 08:37:42.947 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 09:38:00.951 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 09:38:01.017 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 10:49:08.026 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 10:49:08.098 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 12:24:32.101 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 12:24:32.169 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 14:17:02.170 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 14:17:02.232 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 15:23:38.664 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 15:23:38.734 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 16:51:50.736 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 16:51:50.842 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 18:42:32.843 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 18:42:32.917 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 20:26:56.919 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 20:26:56.984 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 21:52:07.182 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-26 21:52:08.610 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-26 21:52:12.625 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-26 21:52:14.047 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-26 21:52:14.047 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-26 21:52:14.047 [92233] info on_timer.cpp::update No agent updates available
2026-04-26 21:52:14.047 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-26 21:52:14.193 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-26 21:52:14.197 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-26 21:52:14.719 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-26 21:52:14.806 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109042
2026-04-26 21:52:15.800 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109042
2026-04-26 21:52:15.800 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109042
2026-04-26 21:52:15.934 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-26 21:52:16.150 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-26 21:52:16.151 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-26 21:52:16.301 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-26 21:52:16.301 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-26 21:52:16.301 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-26 22:14:57.194 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 22:14:57.256 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-26 23:42:15.258 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-26 23:42:15.330 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 00:56:58.343 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 00:56:58.415 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 02:01:58.462 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-27 02:14:48.290 [92235] info on_nebula.cpp::handle Scan complete, duration: 770
2026-04-27 02:14:48.292 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-27 02:14:48.293 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 02:14:48.370 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 03:58:18.371 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 03:58:18.444 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 05:55:18.446 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 05:55:18.506 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 07:00:58.968 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-27 07:00:58.968 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-27 07:00:58.968 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-27 07:00:58.968 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-27 07:00:58.969 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-27 07:00:58.969 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-27 07:01:09.096 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-27 07:01:10.109 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-27 07:01:16.464 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 334636687360, \"freespace_total\": 334636687360, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718953906176, \"freespace_total\": 718953906176, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12636708864, \"free_virtual\": 8158392320, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-27 07:01:16.527 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-27 07:01:16.528 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 07:01:16.597 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 09:01:52.600 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 09:01:52.664 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 10:54:22.884 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 10:54:22.949 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 12:42:22.950 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 12:42:23.017 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 14:06:59.019 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 14:06:59.084 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 15:56:48.097 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 15:56:48.162 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 17:48:25.174 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 17:48:25.238 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 19:39:08.252 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 19:39:08.324 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 20:48:26.326 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 20:48:26.398 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 21:52:20.680 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-27 21:52:23.990 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-27 21:52:26.043 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-27 21:52:26.043 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-27 21:52:26.043 [92233] info on_timer.cpp::update No agent updates available
2026-04-27 21:52:26.043 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-27 21:52:26.189 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-27 21:52:26.189 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-27 21:52:26.715 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-27 21:52:26.799 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109076
2026-04-27 21:52:27.933 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109076
2026-04-27 21:52:27.934 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109076
2026-04-27 21:52:28.176 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-27 21:52:28.369 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-27 21:52:28.369 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-27 21:52:28.511 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-27 21:52:28.511 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-27 21:52:28.517 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-27 21:52:31.027 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d33109270e2148f071671b0b3efb08ac:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-27 22:03:08.784 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 22:03:08.857 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-27 23:37:40.498 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-27 23:37:40.650 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 00:46:58.867 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 00:46:58.939 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 02:33:10.940 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 02:33:11.000 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 04:12:11.001 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 04:12:11.060 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 05:12:29.062 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 05:12:29.151 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 06:28:06.167 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 06:28:06.238 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 07:00:58.351 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-28 07:00:58.351 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-28 07:00:58.351 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-28 07:00:58.351 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-28 07:00:58.352 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-28 07:00:58.352 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-28 07:01:08.504 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-28 07:01:09.517 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-28 07:01:16.888 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 328166252544, \"freespace_total\": 328166252544, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718897766400, \"freespace_total\": 718897766400, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13945925632, \"free_virtual\": 8159178752, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-04-28 07:01:16.940 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-28 07:29:19.252 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 07:29:19.635 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 08:53:55.650 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 08:53:55.714 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 09:58:43.927 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 09:58:43.992 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 11:32:19.993 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 11:32:20.057 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 13:27:50.119 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-28 13:27:53.818 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-28 13:27:53.819 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-28 13:27:53.820 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-28 13:27:54.833 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "23012dfacc0ba204207d336b700b80f6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-28 13:27:54.833 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-28 13:27:54.833 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-28 13:27:54.925 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777397274
2026-04-28 13:27:54.925 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777397274
2026-04-28 13:27:54.925 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-28 13:27:54.937 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-28 13:28:26.061 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 13:28:26.126 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 15:29:02.127 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 15:29:02.198 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 16:14:10.037 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 16:14:39.415 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 17:19:51.701 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-28 17:19:51.785 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-28 17:19:51.785 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-28 17:19:51.785 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-28 17:19:55.801 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "5a8bf6aec2825a3958ffeecdec7d8efa:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-28 17:19:56.813 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-28 17:19:56.813 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-28 17:19:56.892 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777411196
2026-04-28 17:19:56.892 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777411196
2026-04-28 17:19:56.892 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-28 17:19:56.897 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-28 18:15:16.061 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 18:15:16.121 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 19:47:59.138 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 19:47:59.210 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 21:15:17.211 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 21:15:17.278 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 21:52:32.918 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-28 21:52:38.308 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-28 21:52:38.308 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-28 21:52:38.308 [92233] info on_timer.cpp::update No agent updates available
2026-04-28 21:52:38.308 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-28 21:52:38.461 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-28 21:52:38.461 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-28 21:52:38.857 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-28 21:52:39.298 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109116
2026-04-28 21:52:40.736 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109116
2026-04-28 21:52:40.736 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109116
2026-04-28 21:52:41.502 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-28 21:52:41.797 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-28 21:52:41.797 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-28 21:52:41.941 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-28 21:52:41.941 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-28 21:52:42.018 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-28 22:23:41.279 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 22:23:41.350 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-28 23:59:59.569 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-28 23:59:59.664 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 01:35:23.667 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 01:35:23.732 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 02:01:58.473 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-29 03:03:13.140 [92235] info on_nebula.cpp::handle Scan complete, duration: 3675
2026-04-29 03:03:13.433 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-29 03:03:13.434 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 03:03:13.586 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 04:04:26.599 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 04:04:26.666 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 05:27:14.668 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 05:27:14.741 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 06:38:20.972 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 06:38:21.039 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 07:00:59.071 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-04-29 07:00:59.071 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-04-29 07:00:59.071 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-04-29 07:00:59.071 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-29 07:00:59.072 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-04-29 07:00:59.072 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-04-29 07:01:09.217 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-04-29 07:01:09.234 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-04-29 07:01:17.611 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 373312012288, \"freespace_total\": 373312012288, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718808481792, \"freespace_total\": 718808481792, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7793758208, \"free_virtual\": 8147382272, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-04-29 07:01:17.877 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-29 08:35:21.040 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 08:35:21.110 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 10:35:04.125 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 10:35:04.212 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 12:30:03.505 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-29 12:30:03.620 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-29 12:30:03.620 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-29 12:30:03.620 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-29 12:30:04.632 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "87064c4518e865b018f349a479127687:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-29 12:30:05.360 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-29 12:30:05.391 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-29 12:30:05.493 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777480205
2026-04-29 12:30:05.493 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777480205
2026-04-29 12:30:05.493 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-29 12:30:05.493 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-29 12:34:46.214 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 12:34:46.286 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 13:40:28.287 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 13:40:28.351 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 15:02:35.658 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-29 15:02:35.795 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-29 15:02:35.795 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-29 15:02:35.795 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-29 15:02:38.493 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "de906cd2530c424bf3905570cad5e75f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-29 15:02:38.493 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-29 15:02:38.493 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-29 15:02:41.505 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777489358
2026-04-29 15:02:41.505 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777489358
2026-04-29 15:02:41.505 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-29 15:02:41.506 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-29 15:33:52.353 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 15:33:52.420 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 16:11:42.232 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-04-29 16:11:42.328 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-04-29 16:11:42.328 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-04-29 16:11:42.328 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-04-29 16:11:44.997 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ea0e11d1a87928c1ac6bf67e97a4b394:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-29 16:11:44.998 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-04-29 16:11:44.998 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-04-29 16:11:45.079 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777493504
2026-04-29 16:11:45.079 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777493504
2026-04-29 16:11:45.079 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-04-29 16:11:45.084 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-04-29 16:35:58.421 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 16:35:58.487 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 17:37:10.489 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 17:37:10.663 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 18:53:40.664 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 18:53:40.729 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 20:53:22.730 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 20:53:22.796 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-29 21:52:46.257 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-29 21:52:47.681 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-29 21:52:47.682 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-29 21:52:47.682 [92233] info on_timer.cpp::update No agent updates available
2026-04-29 21:52:47.682 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-29 21:52:47.829 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-29 21:52:47.829 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-29 21:52:48.504 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-29 21:52:48.715 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109150
2026-04-29 21:52:49.980 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109150
2026-04-29 21:52:49.980 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109150
2026-04-29 21:52:50.048 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ea0e11d1a87928c1ac6bf67e97a4b394:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-29 21:52:50.056 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-29 21:52:50.517 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-29 21:52:50.518 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-29 21:52:50.717 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-29 21:52:50.717 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-29 21:52:50.718 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-29 21:52:54.064 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ea0e11d1a87928c1ac6bf67e97a4b394:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-29 22:35:04.798 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-29 22:35:04.869 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 00:26:40.871 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 00:26:40.947 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 02:01:59.132 [92235] info on_nebula.cpp::handle Performing threat scan
2026-04-30 02:56:17.875 [92235] info on_nebula.cpp::handle Scan complete, duration: 3258
2026-04-30 02:56:18.001 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-04-30 02:56:18.002 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 02:56:18.071 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 04:32:37.087 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 04:32:37.157 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 06:07:07.159 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 06:07:07.227 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 07:36:14.241 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 07:36:14.308 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 09:24:15.322 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 09:24:15.395 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 10:45:15.396 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 10:45:15.464 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 11:45:34.477 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 11:45:34.549 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 13:32:41.562 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 13:32:41.634 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 14:43:47.635 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 14:43:47.705 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 16:42:36.719 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 16:42:36.791 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 18:21:36.792 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 18:21:36.863 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 20:15:00.864 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 20:15:00.937 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 21:26:06.938 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 21:26:07.009 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-04-30 21:52:54.942 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-30 21:52:56.407 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ea0e11d1a87928c1ac6bf67e97a4b394:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-30 21:52:59.509 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-04-30 21:52:59.509 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-04-30 21:52:59.509 [92233] info on_timer.cpp::update No agent updates available
2026-04-30 21:52:59.509 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-30 21:52:59.670 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-04-30 21:52:59.670 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-04-30 21:53:00.422 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ea0e11d1a87928c1ac6bf67e97a4b394:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-30 21:53:00.613 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-04-30 21:53:00.695 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109176
2026-04-30 21:53:01.890 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109176
2026-04-30 21:53:01.891 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109176
2026-04-30 21:53:02.187 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-04-30 21:53:02.395 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-04-30 21:53:02.395 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-04-30 21:53:02.544 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-04-30 21:53:02.544 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-04-30 21:53:02.547 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-04-30 21:53:04.439 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ea0e11d1a87928c1ac6bf67e97a4b394:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-04-30 22:56:07.010 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-04-30 22:56:07.070 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 00:49:31.074 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 00:49:31.147 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 02:01:59.261 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-01 03:14:08.046 [92235] info on_nebula.cpp::handle Scan complete, duration: 4329
2026-05-01 03:14:08.064 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-01 03:14:08.065 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 03:14:08.138 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 05:01:14.139 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 05:01:14.231 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 06:51:02.463 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 06:51:02.530 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 08:04:50.956 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 08:04:51.045 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 09:38:27.270 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 09:38:27.338 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 11:04:51.550 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 11:04:51.622 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 12:22:30.956 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-01 12:22:31.070 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-01 12:22:31.070 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-01 12:22:31.070 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-01 12:22:33.193 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a6d70e5fe1bfef1ed745cfb8550a70f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-01 12:22:33.194 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-01 12:22:33.194 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-01 12:22:33.271 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777652553
2026-05-01 12:22:33.271 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777652553
2026-05-01 12:22:33.271 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-01 12:22:33.272 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-01 13:05:27.624 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 13:05:27.695 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 14:05:46.128 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 14:05:46.233 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 15:49:16.235 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 15:49:16.300 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 16:54:04.302 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 16:54:04.369 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 18:14:10.383 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 18:14:10.454 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 20:01:16.456 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 20:01:16.527 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 21:02:28.528 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 21:02:28.592 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 21:51:18.327 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 21:51:18.392 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-01 21:53:06.809 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-01 21:53:10.837 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a6d70e5fe1bfef1ed745cfb8550a70f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-01 21:53:11.491 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-01 21:53:11.492 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-01 21:53:11.492 [92233] info on_timer.cpp::update No agent updates available
2026-05-01 21:53:11.492 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-01 21:53:11.649 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-01 21:53:11.649 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-01 21:53:12.185 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-01 21:53:12.544 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109222
2026-05-01 21:53:13.778 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109222
2026-05-01 21:53:13.778 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109222
2026-05-01 21:53:13.879 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-01 21:53:14.100 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-01 21:53:14.100 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-01 21:53:14.245 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-01 21:53:14.501 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-01 21:53:14.515 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-01 21:53:14.855 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a6d70e5fe1bfef1ed745cfb8550a70f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-01 23:08:43.347 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-01 23:08:43.407 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 00:51:19.408 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 00:51:19.477 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 02:02:00.909 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-02 02:58:13.055 [92235] info on_nebula.cpp::handle Scan complete, duration: 3373
2026-05-02 02:58:13.057 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-02 02:58:13.058 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 02:58:13.143 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 04:36:19.144 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 04:36:19.216 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 05:37:31.228 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 05:37:31.311 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 07:00:59.471 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-02 07:00:59.471 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-02 07:00:59.471 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-02 07:00:59.471 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-02 07:00:59.472 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-02 07:00:59.472 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-02 07:01:09.602 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-02 07:01:09.615 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-02 07:01:18.014 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 355677044736, \"freespace_total\": 355677044736, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718754492416, \"freespace_total\": 718754492416, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 23198871552, \"free_virtual\": 8132440064, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-05-02 07:01:18.130 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-02 07:02:07.312 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 07:02:07.373 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 08:33:56.020 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 08:33:56.086 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 09:41:26.088 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 09:41:26.161 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 11:06:02.163 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 11:06:02.222 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 12:51:21.236 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 12:51:21.304 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 14:29:28.317 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 14:29:28.390 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 16:07:34.391 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 16:07:34.462 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 17:49:17.477 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 17:49:17.581 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 19:34:36.595 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 19:34:36.669 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 21:17:12.670 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 21:17:12.736 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 21:53:18.922 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-02 21:53:20.185 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a6d70e5fe1bfef1ed745cfb8550a70f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-02 21:53:24.201 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a6d70e5fe1bfef1ed745cfb8550a70f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-02 21:53:25.366 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-02 21:53:25.374 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-02 21:53:25.374 [92233] info on_timer.cpp::update No agent updates available
2026-05-02 21:53:25.374 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-02 21:53:25.520 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-02 21:53:25.520 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-02 21:53:26.529 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-02 21:53:26.620 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109246
2026-05-02 21:53:28.274 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109246
2026-05-02 21:53:28.274 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109246
2026-05-02 21:53:28.869 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-02 21:53:29.086 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-02 21:53:29.086 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-02 21:53:29.230 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-02 21:53:29.230 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-02 21:53:29.246 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-02 21:54:15.175 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a6d70e5fe1bfef1ed745cfb8550a70f5:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-02 22:25:37.748 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 22:25:37.835 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-02 23:06:49.095 [92235] info client.cpp::callSync []
2026-05-02 23:06:49.178 [92235] info client.cpp::syncExclusions Updated exclusions: 1163efeeffe72c347de168f2194ad8cd
2026-05-02 23:06:49.178 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 1163efeeffe72c347de168f2194ad8cd
2026-05-02 23:06:49.178 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-02 23:06:49.181 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-02 23:06:49.183 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-02 23:06:49.249 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 00:27:49.250 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 00:27:49.315 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 02:03:13.317 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 02:03:13.383 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 03:04:25.384 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 03:04:25.481 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 04:30:49.699 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 04:30:49.768 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 05:44:38.781 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 05:44:38.854 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 07:00:59.379 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-03 07:00:59.380 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-03 07:00:59.380 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-03 07:00:59.380 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-03 07:00:59.380 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-03 07:00:59.381 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-03 07:01:10.519 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-03 07:01:11.533 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-03 07:01:19.875 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 347841081344, \"freespace_total\": 347841081344, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718666379264, \"freespace_total\": 718666379264, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 15662714880, \"free_virtual\": 8123002880, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-05-03 07:01:19.913 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-03 07:01:19.914 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 07:01:19.979 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 08:26:50.211 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 08:26:50.272 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 09:41:32.273 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 09:41:32.344 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 10:59:50.771 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 10:59:50.842 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 12:04:38.843 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 12:04:38.915 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 13:06:44.916 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 13:06:44.988 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 14:54:44.989 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 14:54:45.060 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 16:20:16.074 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 16:20:16.225 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 17:34:04.136 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-03 17:34:04.248 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-03 17:34:04.248 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-03 17:34:04.248 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-03 17:34:06.689 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "94b88718730b0ea960e1581e9d117236:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-03 17:34:06.689 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-03 17:34:06.690 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-03 17:34:06.772 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777844046
2026-05-03 17:34:06.772 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777844046
2026-05-03 17:34:06.772 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-03 17:34:06.776 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-03 17:45:46.227 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 17:45:46.286 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 19:11:16.287 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 19:11:16.357 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 21:07:22.358 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 21:07:22.417 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-03 21:53:33.226 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-03 21:53:35.467 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "94b88718730b0ea960e1581e9d117236:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-03 21:53:37.931 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-03 21:53:37.931 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-03 21:53:37.931 [92233] info on_timer.cpp::update No agent updates available
2026-05-03 21:53:37.931 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-03 21:53:38.076 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-03 21:53:38.076 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-03 21:53:38.409 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-03 21:53:38.570 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109264
2026-05-03 21:53:39.624 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109264
2026-05-03 21:53:39.624 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109264
2026-05-03 21:53:40.120 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-03 21:53:40.330 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-03 21:53:40.330 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-03 21:53:40.479 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-03 21:53:40.479 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-03 21:53:40.481 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-03 21:54:09.619 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "94b88718730b0ea960e1581e9d117236:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-03 22:49:04.423 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-03 22:49:04.495 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 00:33:28.495 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 00:33:28.567 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 01:53:34.568 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 01:53:34.633 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 02:01:59.730 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-04 03:31:43.600 [92235] info on_nebula.cpp::handle Scan complete, duration: 5384
2026-05-04 03:31:43.646 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-04 03:31:43.647 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 03:31:43.708 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 05:18:49.709 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 05:18:49.781 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 06:50:38.798 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 06:50:38.864 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 08:49:26.865 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 08:49:26.931 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 09:41:15.555 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-04 09:41:17.157 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-04 09:41:17.157 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-04 09:41:17.157 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-04 09:41:18.192 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1310561c3fa31b73dd8c5e929aeda81b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 09:41:18.396 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-04 09:41:18.396 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-04 09:41:18.471 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777902078
2026-05-04 09:41:18.471 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777902078
2026-05-04 09:41:18.471 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-04 09:41:18.510 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-04 09:53:16.978 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-04 09:53:18.719 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-04 09:53:18.719 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-04 09:53:18.719 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-04 09:53:19.731 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ad3d83ccf7fdbf15c2e744a531afed50:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 09:53:19.732 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-04 09:53:19.732 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-04 09:53:19.845 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777902799
2026-05-04 09:53:19.845 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777902799
2026-05-04 09:53:19.845 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-04 09:53:19.846 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-04 09:57:10.195 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-04 09:57:10.545 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-04 09:57:10.545 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-04 09:57:10.545 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-04 09:57:11.558 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ed5276ce02760ee6bd405c5e1715201b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 09:57:11.558 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-04 09:57:11.558 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-04 09:57:11.657 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777903031
2026-05-04 09:57:11.657 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777903031
2026-05-04 09:57:11.657 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-04 09:57:11.661 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-04 10:29:08.325 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-04 10:29:08.772 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-04 10:29:08.772 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-04 10:29:08.772 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-04 10:29:09.784 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a8ee62da1074677c044edc82d59bcd53:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 10:29:09.785 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-04 10:29:09.785 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-04 10:29:09.870 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777904949
2026-05-04 10:29:09.870 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777904949
2026-05-04 10:29:09.870 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-04 10:29:09.871 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-04 10:41:03.146 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 10:41:03.214 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 11:00:35.232 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-04 11:00:36.729 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-04 11:00:36.729 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-04 11:00:36.729 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-04 11:00:39.137 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "dce36bb97a3b3a34e5ae8fb5ef6f6f66:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 11:00:39.137 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-04 11:00:39.137 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-04 11:00:39.261 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777906839
2026-05-04 11:00:39.261 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777906839
2026-05-04 11:00:39.261 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-04 11:00:39.304 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-04 11:45:51.426 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 11:45:51.531 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 13:14:57.533 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 13:14:57.594 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 15:06:34.033 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 15:06:34.098 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 15:46:21.574 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-04 15:46:21.778 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-04 15:46:21.778 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-04 15:46:21.778 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-04 15:46:25.793 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1e782b4aedd63399e8abda5dc8da4b78:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 15:46:26.806 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-04 15:46:26.806 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-04 15:46:26.880 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1777923986
2026-05-04 15:46:26.880 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1777923986
2026-05-04 15:46:26.880 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-04 15:46:26.881 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-04 16:44:40.099 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 16:44:40.172 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 18:31:46.173 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 18:31:46.237 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 20:01:46.239 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 20:01:46.305 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 21:25:28.307 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 21:25:28.372 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-04 21:53:44.976 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-04 21:53:49.928 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1e782b4aedd63399e8abda5dc8da4b78:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 21:53:51.730 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-04 21:53:51.985 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-04 21:53:51.985 [92233] info on_timer.cpp::update No agent updates available
2026-05-04 21:53:51.985 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-04 21:53:52.136 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-04 21:53:52.136 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-04 21:53:52.420 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-04 21:53:52.636 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109282
2026-05-04 21:53:53.778 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109282
2026-05-04 21:53:53.779 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109282
2026-05-04 21:53:54.039 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-04 21:53:54.245 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-04 21:53:54.246 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-04 21:53:54.390 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-04 21:53:54.390 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-04 21:53:54.403 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-04 21:54:05.042 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1e782b4aedd63399e8abda5dc8da4b78:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-04 22:26:40.370 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-04 22:26:40.435 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 00:14:40.435 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 00:14:40.502 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 01:58:11.517 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 01:58:11.578 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 02:01:59.622 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-05 04:12:49.977 [92235] info on_nebula.cpp::handle Scan complete, duration: 7850
2026-05-05 04:12:49.985 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-05 04:12:49.986 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 04:12:50.056 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 05:47:20.063 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 05:47:20.133 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 06:50:20.135 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 06:50:20.201 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 07:00:58.367 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-05 07:00:58.367 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-05 07:00:58.367 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-05 07:00:58.367 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-05 07:00:58.368 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-05 07:00:58.368 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-05 07:01:09.500 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-05 07:01:10.513 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-05 07:01:18.943 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 373552197632, \"freespace_total\": 373552197632, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718424510464, \"freespace_total\": 718424510464, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13369200640, \"free_virtual\": 8129818624, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-05-05 07:01:19.052 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-05 07:01:19.054 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 07:01:19.120 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 08:46:37.121 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 08:46:37.193 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 10:23:49.195 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 10:23:49.255 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 12:07:20.272 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 12:07:20.344 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 13:32:50.345 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 13:32:50.433 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 15:00:08.647 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 15:00:08.712 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 16:14:37.956 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-05 16:14:38.911 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-05 16:14:38.912 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-05 16:14:38.912 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-05 16:14:38.916 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 16:14:38.980 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 16:14:41.994 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "cd264bf3d43e5eb6bb17a7c95f33a626:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-05 17:33:25.157 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-05 17:33:25.284 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-05 17:33:25.284 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-05 17:33:25.284 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-05 17:33:27.711 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "725e0f8c1f4a825f769a0772504bcd3a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-05 17:33:27.712 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-05 17:33:27.712 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-05 17:33:27.797 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778016807
2026-05-05 17:33:27.797 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778016807
2026-05-05 17:33:27.797 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-05 17:33:27.800 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-05 17:50:03.191 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 17:50:03.252 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 19:39:51.254 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 19:39:51.326 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 21:23:21.327 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 21:23:21.400 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 21:53:58.919 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-05 21:54:01.456 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "725e0f8c1f4a825f769a0772504bcd3a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-05 21:54:03.337 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-05 21:54:03.343 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-05 21:54:03.343 [92233] info on_timer.cpp::update No agent updates available
2026-05-05 21:54:03.343 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-05 21:54:03.496 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-05 21:54:03.496 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-05 21:54:04.035 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-05 21:54:04.906 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109308
2026-05-05 21:54:06.450 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109308
2026-05-05 21:54:06.450 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109308
2026-05-05 21:54:07.131 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-05 21:54:08.032 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-05 21:54:08.033 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-05 21:54:08.202 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-05 21:54:08.202 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-05 21:54:08.203 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-05 21:55:15.501 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "725e0f8c1f4a825f769a0772504bcd3a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-05 22:44:21.402 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 22:44:21.471 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-05 23:45:33.472 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-05 23:45:33.540 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 01:00:15.554 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 01:00:15.628 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 01:34:41.837 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-06 01:34:41.984 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-06 01:34:41.984 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-06 01:34:41.984 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-06 01:34:43.032 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3b520781eb5f567541b968886d046776:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-06 01:34:43.033 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-06 01:34:43.033 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-06 01:34:43.199 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778045683
2026-05-06 01:34:43.199 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778045683
2026-05-06 01:34:43.199 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-06 01:34:43.466 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-06 02:01:58.813 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-06 05:22:56.350 [92235] info on_nebula.cpp::handle Scan complete, duration: 12058
2026-05-06 05:22:56.936 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-06 05:22:56.937 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 05:22:57.002 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 06:40:21.004 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 06:40:21.071 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 07:01:37.540 [92235] info client.cpp::sync Command received : event.machine.sync
2026-05-06 07:01:37.607 [92235] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-05-06 08:07:39.072 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 08:07:39.143 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 09:13:21.144 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 09:13:21.218 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 10:22:39.219 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 10:22:39.278 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 10:30:12.472 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-06 10:30:12.668 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-06 10:30:12.669 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-06 10:30:12.670 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-06 10:30:16.086 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3098bb97fef431f836f622ecda305198:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-06 10:30:17.099 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-06 10:30:17.100 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-06 10:30:17.178 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778077817
2026-05-06 10:30:17.178 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778077817
2026-05-06 10:30:17.178 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-06 10:30:17.180 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-06 11:40:03.280 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 11:40:03.345 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 13:15:27.346 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 13:15:27.415 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 14:22:57.417 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 14:22:57.480 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 15:45:46.494 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 15:45:46.555 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 17:38:16.557 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 17:38:16.630 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 19:04:40.852 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 19:04:40.917 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 20:34:40.918 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 20:34:40.992 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 21:54:12.990 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-06 21:54:18.899 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-06 21:54:18.899 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-06 21:54:18.899 [92233] info on_timer.cpp::update No agent updates available
2026-05-06 21:54:18.899 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-06 21:54:19.057 [92233] info sirius.cpp::downloadUpdates updating package: mblinux.db.rules
2026-05-06 21:54:19.485 [92233] info sirius.cpp::backupEntry Backing up package: mblinux.db.rules
2026-05-06 21:54:19.510 [92233] info sirius.cpp::download updated mblinux.db.rules to version 2.0.202605061706
2026-05-06 21:54:19.510 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-06 21:54:20.370 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-06 21:54:20.744 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109350
2026-05-06 21:54:22.286 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109350
2026-05-06 21:54:22.286 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109350
2026-05-06 21:54:23.164 [92233] info sirius.cpp::installDownloaded installed mblinux.db.rules 2.0.202605061706
2026-05-06 21:54:23.221 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-06 21:54:23.452 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-06 21:54:23.453 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-06 21:54:23.604 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-06 21:54:23.604 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-06 21:54:23.605 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-06 21:54:25.124 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3098bb97fef431f836f622ecda305198:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-06 22:26:17.435 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 22:26:17.507 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-06 23:32:53.508 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-06 23:32:53.572 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 00:48:29.573 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 00:48:29.631 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 02:01:58.774 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-07 05:04:15.282 [92235] info on_nebula.cpp::handle Scan complete, duration: 10937
2026-05-07 05:04:15.335 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-07 05:04:15.336 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 05:04:15.401 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 06:55:51.636 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 06:55:51.906 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 07:00:58.058 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-07 07:00:58.059 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-07 07:00:58.059 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-07 07:00:58.059 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-07 07:00:58.059 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-07 07:00:58.059 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-07 07:01:10.204 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-07 07:01:11.218 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-07 07:01:18.665 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 358298492928, \"freespace_total\": 358298492928, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 848371712, \"freespace_total\": 848371712, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718279163904, \"freespace_total\": 718279163904, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6630825984, \"free_virtual\": 8138035200, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-05-07 07:01:18.742 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-07 08:24:03.908 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 08:24:03.976 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 09:25:43.667 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-07 09:25:43.792 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-07 09:25:43.792 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-07 09:25:43.793 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-07 09:25:47.808 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "c2e10065c81697431529ff2cd66815c3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-07 09:25:48.829 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-07 09:25:48.830 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-07 09:25:48.913 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778160348
2026-05-07 09:25:48.913 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778160348
2026-05-07 09:25:48.913 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-07 09:25:48.928 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-07 09:53:09.978 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 09:53:10.038 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 11:15:58.039 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 11:15:58.134 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 13:07:34.136 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 13:07:34.202 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 14:08:41.405 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-07 14:08:41.488 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-07 14:08:41.488 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-07 14:08:41.488 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-07 14:08:44.950 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4e407d9725cd02455418ae5c812619fc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-07 14:08:44.951 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-07 14:08:44.951 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-07 14:08:45.056 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778177324
2026-05-07 14:08:45.056 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778177324
2026-05-07 14:08:45.056 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-07 14:08:45.057 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-07 14:17:46.203 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 14:17:46.269 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 14:39:11.747 [92235] info client.cpp::registerRefresh nebula client refresh success
2026-05-07 14:39:11.747 [92235] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-05-07 14:39:11.747 [92235] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-05-07 14:39:11.769 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 14:39:11.834 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 16:30:47.835 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 16:30:47.906 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 17:38:17.907 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 17:38:17.983 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 19:21:47.984 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 19:21:48.055 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 20:50:00.056 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 20:50:00.127 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 21:16:10.595 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-07 21:16:10.681 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-07 21:16:10.681 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-07 21:16:10.681 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-07 21:16:14.697 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "7bc9dfa01351aecf25e56481c77df7e6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-07 21:16:15.710 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-07 21:16:15.710 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-07 21:16:15.779 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778202975
2026-05-07 21:16:15.779 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778202975
2026-05-07 21:16:15.779 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-07 21:16:15.780 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-07 21:54:28.117 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-07 21:54:29.775 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "7bc9dfa01351aecf25e56481c77df7e6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-07 21:54:35.072 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-07 21:54:35.080 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-07 21:54:35.080 [92233] info on_timer.cpp::update No agent updates available
2026-05-07 21:54:35.080 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-07 21:54:35.299 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-07 21:54:35.299 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-07 21:54:36.463 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-07 21:54:36.914 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109380
2026-05-07 21:54:38.058 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109380
2026-05-07 21:54:38.058 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109380
2026-05-07 21:54:38.632 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-07 21:54:38.848 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-07 21:54:38.848 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-07 21:54:38.993 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-07 21:54:38.993 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-07 21:54:38.994 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-07 21:56:50.699 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "7bc9dfa01351aecf25e56481c77df7e6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-07 22:14:36.128 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 22:14:36.195 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 23:39:12.196 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-07 23:39:12.267 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-07 23:52:11.191 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-07 23:52:11.271 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-07 23:52:11.272 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-07 23:52:11.272 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-07 23:52:15.286 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "bdb1326749a3db2309ba822ad1558e20:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-07 23:52:16.299 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-07 23:52:16.299 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-07 23:52:16.367 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778212336
2026-05-07 23:52:16.367 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778212336
2026-05-07 23:52:16.367 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-07 23:52:16.368 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-08 01:03:48.269 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 01:03:48.339 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 02:02:00.705 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-08 03:00:30.439 [92235] info on_nebula.cpp::handle Scan complete, duration: 3510
2026-05-08 03:00:30.446 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-08 03:00:30.447 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 03:00:30.536 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 05:01:06.550 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 05:01:06.647 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 06:32:54.650 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 06:32:55.080 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 07:01:00.124 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-08 07:01:00.124 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-08 07:01:00.124 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-08 07:01:00.124 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-08 07:01:00.125 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-08 07:01:00.125 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-08 07:01:11.255 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-08 07:01:12.268 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-08 07:01:20.654 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354204737536, \"freespace_total\": 354204737536, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 848371712, \"freespace_total\": 848371712, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718209384448, \"freespace_total\": 718209384448, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11276693504, \"free_virtual\": 8139218944, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-05-08 07:01:20.712 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-08 07:43:07.081 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 07:43:07.153 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 09:29:19.156 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 09:29:19.227 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 11:12:50.241 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 11:12:50.308 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 12:38:20.309 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 12:38:20.381 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 14:29:57.397 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 14:29:57.462 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 16:15:16.477 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 16:15:16.546 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 17:29:04.547 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 17:29:04.619 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 18:46:28.563 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 18:46:28.628 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 20:05:40.684 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 20:05:40.749 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 21:54:52.234 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-08 21:54:54.709 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "bdb1326749a3db2309ba822ad1558e20:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-08 21:54:58.400 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-08 21:54:58.400 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-08 21:54:58.400 [92233] info on_timer.cpp::update No agent updates available
2026-05-08 21:54:58.400 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-08 21:54:58.550 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-08 21:54:58.550 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-08 21:54:59.782 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-08 21:54:59.864 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109416
2026-05-08 21:55:01.610 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109416
2026-05-08 21:55:01.610 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109416
2026-05-08 21:55:02.305 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-08 21:55:02.621 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-08 21:55:02.621 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-08 21:55:02.767 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-08 21:55:02.767 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-08 21:55:02.768 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-08 21:55:15.805 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "bdb1326749a3db2309ba822ad1558e20:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-08 22:02:40.692 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 22:02:40.756 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-08 23:39:52.817 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-08 23:39:52.882 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 01:36:52.884 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 01:36:52.977 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 02:01:59.152 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-09 03:35:22.594 [92235] info on_nebula.cpp::handle Scan complete, duration: 5603
2026-05-09 03:35:22.600 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-09 03:35:22.601 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 03:35:22.716 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 04:45:34.717 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 04:45:34.784 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 06:20:58.993 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 06:20:59.062 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 07:00:59.182 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-09 07:00:59.182 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-09 07:00:59.182 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-09 07:00:59.182 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-09 07:00:59.183 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-09 07:00:59.183 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-09 07:01:10.311 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-09 07:01:11.325 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-09 07:01:19.732 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 352131137536, \"freespace_total\": 352131137536, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 848371712, \"freespace_total\": 848371712, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718169772032, \"freespace_total\": 718169772032, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5949579264, \"free_virtual\": 8139218944, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-05-09 07:01:19.787 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-09 08:06:17.064 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 08:06:17.145 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 09:40:47.146 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 09:40:47.218 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 11:33:17.220 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 11:33:17.288 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 13:00:36.302 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 13:00:36.385 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 14:32:24.387 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 14:32:24.461 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 15:34:30.462 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 15:34:30.533 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 17:12:36.534 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 17:12:36.593 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 18:48:00.594 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 18:48:00.666 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 20:14:25.679 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 20:14:25.746 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 21:41:44.759 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 21:41:44.825 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-09 21:43:55.042 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-09 21:43:56.222 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-09 21:43:56.222 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-09 21:43:56.223 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-09 21:43:57.245 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f7fe59153767039c15949c3407d31e7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-09 21:43:57.246 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-09 21:43:57.247 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-09 21:43:57.328 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778377437
2026-05-09 21:43:57.328 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778377437
2026-05-09 21:43:57.328 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-09 21:43:57.331 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-09 21:55:07.277 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-09 21:55:08.728 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f7fe59153767039c15949c3407d31e7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-09 21:55:12.749 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f7fe59153767039c15949c3407d31e7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-09 21:55:13.657 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-09 21:55:13.657 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-09 21:55:13.657 [92233] info on_timer.cpp::update No agent updates available
2026-05-09 21:55:13.657 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-09 21:55:13.805 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-09 21:55:13.805 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-09 21:55:14.855 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-09 21:55:15.080 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109454
2026-05-09 21:55:16.341 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109454
2026-05-09 21:55:16.341 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109454
2026-05-09 21:55:16.636 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-09 21:55:16.886 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-09 21:55:16.886 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-09 21:55:17.038 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-09 21:55:17.038 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-09 21:55:17.039 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-09 23:36:02.823 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-09 23:36:02.888 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 00:56:08.890 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 00:56:08.954 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 02:01:59.209 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-10 03:00:07.137 [92235] info on_nebula.cpp::handle Scan complete, duration: 3488
2026-05-10 03:00:07.145 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-10 03:00:07.146 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 03:00:07.216 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 04:16:37.218 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 04:16:37.712 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 06:17:13.714 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 06:17:13.784 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 07:52:37.785 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 07:52:37.858 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 09:07:19.859 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 09:07:19.932 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 10:57:07.933 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 10:57:08.004 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 12:30:44.422 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 12:30:44.493 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 13:59:50.495 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 13:59:50.562 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 15:25:21.576 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 15:25:21.641 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 16:49:03.642 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 16:49:03.712 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 18:06:27.713 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 18:06:27.785 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 19:59:47.104 [92235] info client.cpp::callSync []
2026-05-10 19:59:48.193 [92235] info client.cpp::syncExclusions Updated exclusions: 6c2cb72f66d2db195ce981175b9439f0
2026-05-10 19:59:48.193 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 6c2cb72f66d2db195ce981175b9439f0
2026-05-10 19:59:48.193 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-10 19:59:48.203 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-10 19:59:48.205 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 19:59:48.350 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 21:29:48.352 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 21:29:48.426 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-10 21:55:21.751 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-10 21:55:24.231 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f7fe59153767039c15949c3407d31e7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-10 21:55:27.110 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-10 21:55:27.115 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-10 21:55:27.115 [92233] info on_timer.cpp::update No agent updates available
2026-05-10 21:55:27.115 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-10 21:55:27.268 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-10 21:55:27.268 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-10 21:55:28.415 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-10 21:55:28.630 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109492
2026-05-10 21:55:29.794 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109492
2026-05-10 21:55:29.794 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109492
2026-05-10 21:55:29.939 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-10 21:55:30.212 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-10 21:55:30.213 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-10 21:55:30.356 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-10 21:55:30.356 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-10 21:55:30.357 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-10 21:55:32.262 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f7fe59153767039c15949c3407d31e7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-10 23:30:25.439 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-10 23:30:25.503 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 01:07:37.505 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 01:07:37.575 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 02:42:07.590 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 02:42:07.664 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 04:03:07.666 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 04:03:07.764 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 05:14:13.765 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 05:14:13.857 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 06:37:55.957 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 06:38:09.368 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 07:00:59.478 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-11 07:00:59.479 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-11 07:00:59.479 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-11 07:00:59.479 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-11 07:00:59.480 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-11 07:00:59.480 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-11 07:01:09.612 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-11 07:01:10.626 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-11 07:01:19.026 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364485332992, \"freespace_total\": 364485332992, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 848371712, \"freespace_total\": 848371712, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718099501056, \"freespace_total\": 718099501056, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9487667200, \"free_virtual\": 8144760832, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-05-11 07:01:19.083 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-11 07:44:46.382 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 07:44:46.454 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 09:20:10.455 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 09:20:10.529 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 11:02:46.529 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 11:02:46.601 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 12:13:52.819 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 12:13:52.878 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 13:19:34.879 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 13:19:34.944 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 14:44:10.946 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 14:44:11.051 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 16:17:47.052 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 16:17:47.123 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 18:07:35.124 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 18:07:35.190 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 19:16:00.203 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 19:16:00.270 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 20:21:43.283 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 20:21:43.355 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-11 21:44:43.338 [92235] info client.cpp::sync Command received : event.policy.refresh
2026-05-11 21:44:43.447 [92235] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-11 21:44:43.447 [92235] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-11 21:44:43.447 [92235] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-11 21:44:44.969 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-11 21:44:44.970 [92235] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-11 21:44:44.970 [92235] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-11 21:44:45.061 [92235] info client.cpp::syncExclusions Updated exclusions: nebula-1778550284
2026-05-11 21:44:45.061 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1778550284
2026-05-11 21:44:45.061 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-11 21:44:45.064 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-11 21:55:34.701 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-11 21:55:38.795 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-11 21:55:40.013 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-11 21:55:40.014 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-11 21:55:40.014 [92233] info on_timer.cpp::update No agent updates available
2026-05-11 21:55:40.014 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-11 21:55:40.165 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-11 21:55:40.165 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-11 21:55:41.132 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-11 21:55:41.233 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109528
2026-05-11 21:55:42.212 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109528
2026-05-11 21:55:42.212 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109528
2026-05-11 21:55:42.334 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-11 21:55:42.535 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-11 21:55:42.536 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-11 21:55:42.687 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-11 21:55:42.687 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-11 21:55:42.688 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-11 21:55:42.813 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-11 22:20:31.355 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-11 22:20:37.007 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 00:13:08.022 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 00:13:08.093 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 01:49:26.094 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 01:49:26.191 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 02:01:59.392 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-12 04:01:58.176 [92235] info on_nebula.cpp::handle Scan complete, duration: 7199
2026-05-12 04:01:58.187 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-12 04:01:58.188 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 04:01:58.259 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 05:48:10.260 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 05:48:10.326 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 06:56:34.327 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 06:56:34.397 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 07:00:58.623 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-12 07:00:58.623 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-12 07:00:58.623 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-12 07:00:58.623 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-12 07:00:58.624 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-12 07:00:58.624 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-12 07:01:10.769 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-12 07:01:11.783 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-12 07:01:20.168 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 363491778560, \"freespace_total\": 363491778560, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 848371712, \"freespace_total\": 848371712, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718065577984, \"freespace_total\": 718065577984, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7989907456, \"free_virtual\": 8147906560, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-05-12 07:01:20.205 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-12 07:01:20.206 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 07:01:20.275 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 08:22:21.291 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 08:22:21.357 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 09:27:09.359 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 09:27:09.447 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 10:34:39.448 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 10:34:39.519 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 11:52:57.520 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 11:52:57.587 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 13:31:03.591 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 13:31:03.663 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 15:12:45.665 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 15:12:45.739 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 16:53:33.740 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 16:53:33.812 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 18:49:39.813 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 18:49:39.886 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 20:48:27.887 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 20:48:50.590 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 21:55:47.298 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-12 21:55:52.667 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-12 21:55:52.668 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-12 21:55:52.668 [92233] info on_timer.cpp::update No agent updates available
2026-05-12 21:55:52.668 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-12 21:55:52.819 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-12 21:55:52.820 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-12 21:55:53.546 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-12 21:55:53.649 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109572
2026-05-12 21:55:54.794 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109572
2026-05-12 21:55:54.794 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109572
2026-05-12 21:55:55.086 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-12 21:55:55.287 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-12 21:55:55.287 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-12 21:55:55.435 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-12 21:55:55.435 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-12 21:55:55.436 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-12 22:22:26.591 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 22:22:26.663 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-12 23:23:38.894 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-12 23:23:38.965 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 00:38:20.966 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 00:38:21.037 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 01:58:27.039 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 01:58:27.110 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 02:02:00.312 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-13 02:51:10.565 [92235] info on_nebula.cpp::handle Scan complete, duration: 2950
2026-05-13 02:51:10.570 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-13 02:51:10.571 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 02:51:10.643 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 04:47:17.656 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 04:47:17.727 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 06:25:24.746 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 06:25:24.819 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 07:00:58.928 [92235] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-13 07:00:58.928 [92235] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-13 07:00:58.928 [92235] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-13 07:00:58.928 [92235] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-13 07:00:58.929 [92235] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-13 07:00:58.929 [92235] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-13 07:01:09.064 [92235] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-13 07:01:10.077 [92235] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-13 07:01:18.474 [92235] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 362788593664, \"freespace_total\": 362788593664, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 848371712, \"freespace_total\": 848371712, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718025568256, \"freespace_total\": 718025568256, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7786606592, \"free_virtual\": 8152887296, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-05-13 07:01:18.517 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-13 08:25:06.820 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 08:25:06.891 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 09:50:37.105 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 09:50:37.182 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 10:56:19.183 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 10:56:19.257 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 12:11:01.479 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 12:11:01.581 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 13:45:31.353 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 13:45:31.431 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 15:24:31.664 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 15:24:31.736 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 16:47:19.737 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 16:47:19.808 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 18:41:37.808 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 18:41:37.880 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 20:02:37.881 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 20:02:37.952 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 21:56:00.147 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-13 21:56:04.498 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-13 21:56:04.503 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-13 21:56:04.503 [92233] info on_timer.cpp::update No agent updates available
2026-05-13 21:56:04.503 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-13 21:56:04.655 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-13 21:56:04.655 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-13 21:56:05.148 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-13 21:56:05.287 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109606
2026-05-13 21:56:05.904 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-13 21:56:06.422 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109606
2026-05-13 21:56:06.422 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109606
2026-05-13 21:56:06.838 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-13 21:56:07.044 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-13 21:56:07.045 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-13 21:56:07.195 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-13 21:56:07.195 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-13 21:56:07.197 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-13 21:56:09.920 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-13 21:59:37.893 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 21:59:37.965 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-13 23:04:26.030 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-13 23:04:26.101 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 00:10:08.103 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 00:10:08.175 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 01:27:32.175 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 01:27:32.248 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 02:02:00.312 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-14 04:04:46.101 [92235] info on_nebula.cpp::handle Scan complete, duration: 7366
2026-05-14 04:04:46.104 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-14 04:04:46.105 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 04:04:46.176 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 05:22:10.172 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 05:22:10.276 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 06:23:22.277 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 06:23:22.350 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 07:49:46.351 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 07:49:46.422 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 09:28:47.435 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 09:29:06.306 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 10:40:12.308 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 10:40:12.379 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 11:45:54.605 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 11:45:54.677 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 13:24:54.678 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 13:24:54.751 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 15:21:00.752 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 15:21:00.823 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 17:18:00.823 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 17:18:00.896 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 18:26:24.898 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 18:26:32.457 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 19:41:14.458 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 19:41:14.529 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 21:18:26.752 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 21:18:26.823 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 21:56:10.603 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-14 21:56:12.196 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-14 21:56:16.955 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-14 21:56:16.955 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-14 21:56:16.955 [92233] info on_timer.cpp::update No agent updates available
2026-05-14 21:56:16.955 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-14 21:56:17.105 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-14 21:56:17.105 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-14 21:56:17.339 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-14 21:56:17.647 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109644
2026-05-14 21:56:18.005 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-14 21:56:18.700 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109644
2026-05-14 21:56:18.700 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109644
2026-05-14 21:56:18.996 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-14 21:56:19.188 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-14 21:56:19.188 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-14 21:56:19.384 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-14 21:56:19.384 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-14 21:56:19.385 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-14 22:54:44.826 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 22:54:44.897 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-14 23:05:02.121 [92235] info client.cpp::callSync []
2026-05-14 23:05:03.213 [92235] info client.cpp::syncExclusions Updated exclusions: 6615ccef4d86e0ab37a21b375c971628
2026-05-14 23:05:03.213 [92235] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 6615ccef4d86e0ab37a21b375c971628
2026-05-14 23:05:03.213 [92235] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-14 23:05:03.220 [92235] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-14 23:05:03.222 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-14 23:05:03.294 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 00:05:21.295 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 00:05:21.364 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 01:30:51.366 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 01:30:51.435 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 02:02:00.576 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-15 03:56:28.202 [92235] info on_nebula.cpp::handle Scan complete, duration: 6868
2026-05-15 03:56:28.212 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-15 03:56:28.213 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 03:56:28.282 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 04:57:40.284 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 04:57:40.356 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 06:42:58.369 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 06:42:58.476 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 08:11:10.705 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 08:11:10.775 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 09:31:17.008 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 09:31:17.080 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 11:23:47.081 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 11:23:47.152 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 12:39:23.153 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 12:39:23.222 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 14:02:12.242 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 14:02:12.321 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 15:40:18.323 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 15:40:18.393 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 17:17:30.394 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 17:17:30.468 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 18:43:54.469 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 18:43:54.540 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 20:01:18.541 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 20:01:18.612 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 21:39:24.626 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 21:39:24.700 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-15 21:56:23.387 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-15 21:56:26.895 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-15 21:56:29.751 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-15 21:56:29.834 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-15 21:56:29.834 [92233] info on_timer.cpp::update No agent updates available
2026-05-15 21:56:29.834 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-15 21:56:29.988 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-15 21:56:29.988 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-15 21:56:30.327 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-15 21:56:30.510 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109690
2026-05-15 21:56:31.534 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109690
2026-05-15 21:56:31.534 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109690
2026-05-15 21:56:31.798 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-15 21:56:31.987 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-15 21:56:31.987 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-15 21:56:32.135 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-15 21:56:32.135 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-15 21:56:32.136 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-15 21:56:42.745 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-15 23:22:54.700 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-15 23:22:54.770 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 00:48:24.772 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 00:48:24.843 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 02:02:19.390 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-16 04:47:37.802 [92235] info on_nebula.cpp::handle Scan complete, duration: 9918
2026-05-16 04:47:37.820 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-16 04:47:37.821 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 04:47:37.890 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 06:31:07.892 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 06:31:07.962 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 07:59:20.205 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 07:59:20.276 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 09:06:51.316 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 09:06:51.387 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 10:14:21.388 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 10:14:21.460 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 11:43:27.462 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 11:43:27.533 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 12:59:03.534 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 12:59:03.606 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 14:03:51.607 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 14:03:51.680 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 15:46:28.695 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 15:46:28.768 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 17:15:34.769 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 17:15:34.842 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 18:49:10.843 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 18:49:10.915 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 20:39:52.917 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 20:39:52.988 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-16 21:56:37.019 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-16 21:56:38.932 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-16 21:56:42.382 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-16 21:56:42.383 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-16 21:56:42.383 [92233] info on_timer.cpp::update No agent updates available
2026-05-16 21:56:42.383 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-16 21:56:42.532 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-16 21:56:42.532 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-16 21:56:43.250 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-16 21:56:43.670 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109734
2026-05-16 21:56:44.698 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109734
2026-05-16 21:56:44.699 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109734
2026-05-16 21:56:44.980 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-16 21:56:45.204 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-16 21:56:45.204 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-16 21:56:45.353 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-16 21:56:45.353 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-16 21:56:45.356 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-16 21:56:46.964 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-16 22:24:16.989 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-16 22:24:17.061 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 00:02:23.062 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 00:02:23.134 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 01:53:59.339 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 01:53:59.413 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 02:01:59.607 [92235] info on_nebula.cpp::handle Performing threat scan
2026-05-17 03:13:06.867 [92235] info on_nebula.cpp::handle Scan complete, duration: 4267
2026-05-17 03:13:06.882 [92235] info schedule_store.cpp::save Saved nebula schedules
2026-05-17 03:13:06.883 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 03:13:06.956 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 04:45:48.957 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 04:45:49.030 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 06:10:25.031 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 06:10:25.105 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 07:30:32.119 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 07:30:32.216 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 09:22:08.217 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 09:22:08.317 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 09:26:20.468 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-17 09:26:24.498 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-17 10:38:39.334 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 10:38:39.404 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 12:21:15.406 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 12:21:15.477 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 14:16:28.491 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 14:16:28.561 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 16:11:41.575 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 16:11:41.648 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 17:32:41.654 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 17:32:41.725 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 18:41:59.726 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 18:41:59.798 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 19:47:41.800 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 19:47:41.871 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 21:47:23.873 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 21:47:23.941 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-17 21:56:49.690 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-17 21:56:52.051 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-17 21:56:55.066 [92233] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-17 21:56:55.069 [92233] info update.cpp::launchAgentUpdate No agent updates available
2026-05-17 21:56:55.069 [92233] info on_timer.cpp::update No agent updates available
2026-05-17 21:56:55.069 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-17 21:56:55.220 [92233] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-17 21:56:55.220 [92233] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-17 21:56:55.955 [92233] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-17 21:56:56.065 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-17 21:56:56.189 [92233] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109784
2026-05-17 21:56:57.239 [92233] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109784
2026-05-17 21:56:57.239 [92233] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109784
2026-05-17 21:56:57.738 [92233] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-17 21:56:57.931 [92233] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-17 21:56:57.931 [92233] info sirius.cpp::downloadUpdates checking for new updates
2026-05-17 21:56:58.082 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-17 21:56:58.082 [92233] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-17 21:56:58.097 [92233] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-17 23:20:59.943 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-17 23:21:00.017 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 00:59:06.019 [92235] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 00:59:06.090 [92235] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 01:03:45.983 [92232] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-05-18 01:03:48.135 [92235] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-18 01:03:49.116 [92236] info communicator.cpp::processor processing exited
2026-05-18 01:04:03.118 [92214] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-05-18 01:04:03.118 [92214] warn plugin_manager.cpp::finalize failed to kill plugin epa.linux.plugin.edr
2026-05-18 01:04:03.118 [92214] warn plugin_manager.cpp::finalize OSError at /src/nebula/plugin_manager.cpp:515 ()
2026-05-18 01:04:04.118 [92214] info mbdaemon.cpp::main Exiting Main - 0
2026-05-18 00:12:50.057 [979] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.89 **************
2026-05-18 00:12:50.076 [979] info mbdaemon.cpp::main logLevel is info
2026-05-18 00:12:50.076 [979] info mbdaemon.cpp::main syslogLevel is warn
2026-05-18 00:12:50.076 [979] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-05-18 00:12:50.076 [979] info sirius.cpp::initialize Setting Sirius channel: release
2026-05-18 00:12:50.595 [979] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-05-18 00:12:50.683 [979] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-05-18 00:12:51.140 [979] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-18 00:12:51.141 [1489] info telemetry_controller.cpp::processTelemetryData processing starting
2026-05-18 00:12:51.141 [1493] info communicator.cpp::processor processing starting
2026-05-18 00:12:54.175 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-18 00:12:54.175 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-18 00:12:54.175 [1492] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.ars
2026-05-18 00:12:54.175 [1492] info sirius.cpp::downloadUpdates checking for new updates
2026-05-18 00:12:55.404 [1492] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-18 00:12:55.404 [1492] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.ars, using old version
2026-05-18 00:12:55.404 [1492] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-05-18 00:12:55.497 [1492] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-05-18 00:12:55.497 [1492] info sirius.cpp::downloadUpdates checking for new updates
2026-05-18 00:12:55.674 [1492] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-18 00:12:55.674 [1492] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-05-18 00:12:55.674 [1492] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-05-18 00:12:55.746 [1492] info schedule_store.cpp::load Loaded nebula schedules
2026-05-18 00:12:55.907 [1492] info client.cpp::callSync []
2026-05-18 00:12:56.141 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-18 00:12:56.996 [1492] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-05-18 00:12:57.042 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 00:12:57.111 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 00:12:58.805 [1490] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-18 00:12:58.805 [1490] info update.cpp::launchAgentUpdate No agent updates available
2026-05-18 00:12:58.805 [1490] info on_timer.cpp::update No agent updates available
2026-05-18 00:12:58.805 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-18 00:12:58.956 [1490] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-18 00:12:58.956 [1490] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-18 00:12:59.241 [1490] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-18 00:12:59.313 [1490] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109790
2026-05-18 00:13:00.117 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2d56c1cadcd7ca9792096d7e21cf79d4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-18 00:13:00.280 [1490] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109790
2026-05-18 00:13:00.280 [1490] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109790
2026-05-18 00:13:00.351 [1490] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-18 00:13:00.500 [1490] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-18 02:01:59.944 [1492] info on_nebula.cpp::handle Performing threat scan
2026-05-18 04:34:00.388 [1492] info on_nebula.cpp::handle Scan complete, duration: 9121
2026-05-18 04:34:00.391 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-18 04:34:00.392 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 04:34:00.463 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 06:02:12.463 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 06:02:12.570 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 07:00:58.602 [1492] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-18 07:00:58.602 [1492] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-18 07:00:58.602 [1492] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-18 07:00:58.602 [1492] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-18 07:00:58.602 [1492] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-18 07:00:58.602 [1492] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-18 07:01:08.647 [1492] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-18 07:01:09.653 [1492] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-18 07:01:17.998 [1492] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366419472384, \"freespace_total\": 366419472384, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717892108288, \"freespace_total\": 717892108288, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7721103360, \"free_virtual\": 8589922304, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-18 07:01:18.055 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-18 07:46:36.576 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 07:46:36.648 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 09:24:42.648 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 09:24:42.720 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 11:01:54.722 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 11:01:54.792 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 12:28:18.793 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 12:28:37.599 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 13:49:37.601 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 13:49:37.670 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 15:21:25.671 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 15:21:25.742 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 16:21:43.743 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 16:21:43.812 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 18:15:07.814 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 18:15:07.883 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 19:18:07.884 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 19:18:07.958 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 21:07:56.073 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 21:07:56.144 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-18 22:19:02.147 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-18 22:19:02.220 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 00:07:02.221 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 00:07:02.293 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 01:13:05.177 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-19 01:13:09.485 [1490] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-19 01:13:09.485 [1490] info update.cpp::launchAgentUpdate No agent updates available
2026-05-19 01:13:09.485 [1490] info on_timer.cpp::update No agent updates available
2026-05-19 01:13:09.485 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-19 01:13:09.635 [1490] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-19 01:13:09.635 [1490] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-19 01:13:10.357 [1490] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-19 01:13:10.443 [1490] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109836
2026-05-19 01:13:11.415 [1490] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109836
2026-05-19 01:13:11.415 [1490] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109836
2026-05-19 01:13:11.524 [1490] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-19 01:13:11.650 [1490] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-19 01:13:11.651 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-19 01:13:11.800 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-19 01:13:11.800 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-19 01:13:11.801 [1490] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-19 02:02:00.510 [1492] info on_nebula.cpp::handle Performing threat scan
2026-05-19 02:53:58.996 [1492] info on_nebula.cpp::handle Scan complete, duration: 3118
2026-05-19 02:53:58.997 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-19 02:53:58.999 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 02:53:59.074 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 03:34:05.196 [1492] info client.cpp::sync Command received : event.policy.refresh
2026-05-19 03:34:05.304 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-19 03:34:05.304 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-19 03:34:05.304 [1492] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-19 03:34:06.355 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "5dc1180e4cd3ea81cd31c55024766ecf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-19 03:34:06.355 [1492] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-19 03:34:06.355 [1492] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-19 03:34:06.444 [1492] info client.cpp::syncExclusions Updated exclusions: nebula-1779176046
2026-05-19 03:34:06.444 [1492] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779176046
2026-05-19 03:34:06.444 [1492] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-19 03:34:06.445 [1492] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-19 04:18:36.083 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 04:18:36.154 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 05:34:12.156 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 05:34:12.227 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 07:01:00.296 [1492] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-19 07:01:00.296 [1492] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-19 07:01:00.296 [1492] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-19 07:01:00.296 [1492] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-19 07:01:00.297 [1492] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-19 07:01:00.297 [1492] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-19 07:01:11.384 [1492] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-19 07:01:12.392 [1492] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-19 07:01:20.819 [1492] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364453277696, \"freespace_total\": 364453277696, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717868425216, \"freespace_total\": 717868425216, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 16354816000, \"free_virtual\": 8377856000, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\
2026-05-19 07:01:20.885 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-19 07:26:42.228 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 07:26:42.298 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 09:27:18.299 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 09:27:18.369 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 10:57:18.370 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 10:57:18.468 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 12:31:48.470 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 12:31:48.542 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 14:22:30.543 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 14:22:30.613 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 14:49:01.169 [1492] info client.cpp::sync Command received : event.policy.refresh
2026-05-19 14:49:01.343 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-19 14:49:01.343 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-19 14:49:01.343 [1492] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-19 14:49:02.351 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "33040b244decca17b2767f7ca151c789:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-19 14:49:02.351 [1492] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-19 14:49:02.351 [1492] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-19 14:49:02.497 [1492] info client.cpp::syncExclusions Updated exclusions: nebula-1779216542
2026-05-19 14:49:02.497 [1492] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779216542
2026-05-19 14:49:02.497 [1492] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-19 14:49:02.503 [1492] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-19 16:09:37.622 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 16:09:37.694 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 17:51:19.695 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 17:51:19.768 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 19:36:37.921 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 19:36:37.991 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 21:04:49.993 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 21:04:50.064 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 22:16:51.072 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 22:16:51.144 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-19 23:36:57.145 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-19 23:36:57.216 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 00:50:45.217 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 00:50:45.290 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 01:13:16.290 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-20 01:13:19.299 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "33040b244decca17b2767f7ca151c789:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-20 01:13:22.636 [1490] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-20 01:13:22.639 [1490] info update.cpp::launchAgentUpdate No agent updates available
2026-05-20 01:13:22.639 [1490] info on_timer.cpp::update No agent updates available
2026-05-20 01:13:22.639 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-20 01:13:22.790 [1490] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-20 01:13:22.790 [1490] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-20 01:13:23.317 [1490] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-20 01:13:23.396 [1490] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109884
2026-05-20 01:13:24.564 [1490] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109884
2026-05-20 01:13:24.564 [1490] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109884
2026-05-20 01:13:24.835 [1490] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-20 01:13:24.987 [1490] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-20 01:13:24.987 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-20 01:13:25.136 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-20 01:13:25.136 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-20 01:13:25.137 [1490] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-20 01:13:27.322 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "33040b244decca17b2767f7ca151c789:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-20 02:01:59.311 [1492] info on_nebula.cpp::handle Performing threat scan
2026-05-20 04:25:52.743 [1492] info on_nebula.cpp::handle Scan complete, duration: 8633
2026-05-20 04:25:52.747 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-20 04:25:52.748 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 04:25:52.821 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 05:27:04.822 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 05:27:04.899 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 07:00:59.961 [1492] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-20 07:00:59.961 [1492] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-20 07:00:59.961 [1492] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-20 07:00:59.961 [1492] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-20 07:00:59.961 [1492] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-20 07:00:59.961 [1492] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-20 07:01:10.050 [1492] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-20 07:01:11.060 [1492] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-20 07:01:18.424 [1492] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 361725128704, \"freespace_total\": 361725128704, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717834158080, \"freespace_total\": 717834158080, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.89\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9170776064, \"free_virtual\": 8459907072, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-20 07:01:18.465 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-20 07:10:35.071 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 07:10:35.142 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 09:11:12.152 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 09:11:12.246 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 09:26:17.862 [1492] info client.cpp::sync Command received : event.policy.refresh
2026-05-20 09:26:18.007 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-20 09:26:18.007 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-20 09:26:18.007 [1492] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-20 09:26:19.976 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "2cd44d859b4d9f02e37fce111347114e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-20 09:26:19.976 [1492] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-20 09:26:19.976 [1492] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-20 09:26:20.086 [1492] info client.cpp::syncExclusions Updated exclusions: nebula-1779283579
2026-05-20 09:26:20.086 [1492] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779283579
2026-05-20 09:26:20.086 [1492] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-20 09:26:20.087 [1492] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-20 10:35:48.248 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 10:35:48.318 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 11:32:18.520 [1492] info client.cpp::sync Command received : event.policy.refresh
2026-05-20 11:32:18.641 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-20 11:32:18.641 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-20 11:32:18.641 [1492] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-20 11:32:21.073 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "8e53e5bfbcf151127d78e6ca719d652e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-20 11:32:21.073 [1492] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-20 11:32:21.073 [1492] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-20 11:32:21.150 [1492] info client.cpp::syncExclusions Updated exclusions: nebula-1779291141
2026-05-20 11:32:21.150 [1492] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779291141
2026-05-20 11:32:21.150 [1492] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-20 11:32:21.151 [1492] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-20 12:04:01.328 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 12:04:01.400 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 13:34:01.401 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 13:34:01.472 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 14:39:13.636 [1492] info client.cpp::registerRefresh nebula client refresh success
2026-05-20 14:39:13.636 [1492] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-05-20 14:39:13.636 [1492] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-05-20 14:39:13.660 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 14:39:13.729 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 15:59:20.739 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 15:59:20.809 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 17:50:57.820 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 17:50:57.890 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 18:57:34.057 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 18:57:34.133 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 20:58:11.144 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 20:58:11.256 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 22:00:16.791 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 22:00:16.863 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-20 23:34:47.332 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-20 23:34:47.443 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 01:13:29.671 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-21 01:13:36.071 [1490] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-21 01:13:36.071 [1490] info update.cpp::launchAgentUpdate No agent updates available
2026-05-21 01:13:36.071 [1490] info on_timer.cpp::update No agent updates available
2026-05-21 01:13:36.071 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-21 01:13:36.226 [1490] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-21 01:13:36.226 [1490] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-21 01:13:36.497 [1490] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-21 01:13:36.598 [1490] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109916
2026-05-21 01:13:37.826 [1490] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109916
2026-05-21 01:13:37.826 [1490] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109916
2026-05-21 01:13:38.106 [1490] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-21 01:13:38.297 [1490] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-21 01:13:38.297 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-21 01:13:38.447 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-21 01:13:38.447 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-21 01:13:38.448 [1490] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-21 01:22:47.444 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 01:22:47.514 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 02:42:53.515 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 02:42:53.659 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 04:11:59.660 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 04:12:14.791 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 05:08:06.193 [1492] info client.cpp::sync Command received : event.policy.refresh
2026-05-21 05:08:06.309 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-21 05:08:06.309 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-21 05:08:06.309 [1492] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-21 05:08:07.471 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "8da21655efdb61b8dca69d73009cdebf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-21 05:08:07.472 [1492] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-21 05:08:07.472 [1492] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-21 05:08:07.563 [1492] info client.cpp::syncExclusions Updated exclusions: nebula-1779354487
2026-05-21 05:08:07.563 [1492] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779354487
2026-05-21 05:08:07.563 [1492] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-21 05:08:07.565 [1492] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-21 05:17:02.792 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 05:17:02.863 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 06:26:21.026 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 06:26:21.099 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 08:17:03.100 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 08:17:03.174 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 10:08:39.174 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 10:08:39.251 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 11:49:27.251 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 11:49:27.323 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 13:18:33.324 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 13:18:33.396 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 15:11:04.407 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 15:11:04.477 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 15:23:03.278 [1492] info client.cpp::sync Command received : event.policy.refresh
2026-05-21 15:23:03.417 [1492] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-21 15:23:03.417 [1492] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-21 15:23:03.417 [1492] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-21 15:23:04.426 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "89c2796c93ffb735a81c5d1c4519b6f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-21 15:23:04.426 [1492] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-21 15:23:04.426 [1492] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-21 15:23:04.535 [1492] info client.cpp::syncExclusions Updated exclusions: nebula-1779391384
2026-05-21 15:23:04.535 [1492] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779391384
2026-05-21 15:23:04.535 [1492] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-21 15:23:04.540 [1492] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-21 17:04:28.481 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 17:04:28.552 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 18:51:34.553 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 18:51:34.623 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 20:35:59.634 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 20:35:59.706 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 21:56:05.057 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 21:56:05.129 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-21 23:20:41.783 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-21 23:20:41.879 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 00:34:29.881 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 00:34:29.951 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 01:13:42.798 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 01:13:44.047 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "89c2796c93ffb735a81c5d1c4519b6f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-22 01:13:48.060 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "89c2796c93ffb735a81c5d1c4519b6f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-22 01:13:49.082 [1490] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-22 01:13:49.107 [1490] info update.cpp::launchAgentUpdate No agent updates available
2026-05-22 01:13:49.107 [1490] info on_timer.cpp::update No agent updates available
2026-05-22 01:13:49.107 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 01:13:49.257 [1490] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-22 01:13:49.257 [1490] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-22 01:13:49.494 [1490] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-22 01:13:49.607 [1490] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109966
2026-05-22 01:13:50.724 [1490] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109966
2026-05-22 01:13:50.724 [1490] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109966
2026-05-22 01:13:50.975 [1490] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-22 01:13:51.118 [1490] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-22 01:13:51.118 [1490] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 01:13:51.270 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-22 01:13:51.270 [1490] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-22 01:13:51.270 [1490] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-22 01:13:55.087 [1492] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.89", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.89", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "89c2796c93ffb735a81c5d1c4519b6f7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:78", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-22 01:53:41.953 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 01:53:42.025 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 02:02:00.353 [1492] info on_nebula.cpp::handle Performing threat scan
2026-05-22 07:02:23.335 [1492] info on_nebula.cpp::handle Scan complete, duration: 18023
2026-05-22 07:02:23.476 [1492] info schedule_store.cpp::save Saved nebula schedules
2026-05-22 07:02:23.477 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 07:02:23.550 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 08:21:35.552 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 08:21:35.624 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 09:38:05.625 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 09:38:05.696 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 10:48:18.706 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 10:48:18.778 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 12:39:54.778 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 12:39:54.850 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 14:25:12.850 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 14:25:12.920 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 15:28:12.921 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 15:28:12.998 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 16:28:32.011 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 16:28:32.084 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 17:36:24.139 [1492] info client.cpp::sync Command received : event.machine.sync
2026-05-22 17:36:24.213 [1492] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-05-22 18:02:09.094 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 18:02:09.166 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 19:34:51.167 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 19:34:51.238 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 21:22:51.240 [1492] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 21:22:51.310 [1492] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 21:50:30.039 [1489] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-05-22 21:50:31.490 [1493] info communicator.cpp::processor processing exited
2026-05-22 21:50:47.040 [979] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-05-22 21:50:47.040 [979] warn plugin_manager.cpp::finalize failed to kill plugin epa.linux.plugin.edr
2026-05-22 21:50:47.040 [979] warn plugin_manager.cpp::finalize OSError at /src/nebula/plugin_manager.cpp:515 ()
2026-05-22 21:50:48.040 [979] info mbdaemon.cpp::main Exiting Main - 0
2026-05-22 21:50:48.162 [137994] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.90 **************
2026-05-22 21:50:48.163 [137994] info mbdaemon.cpp::main logLevel is info
2026-05-22 21:50:48.163 [137994] info mbdaemon.cpp::main syslogLevel is warn
2026-05-22 21:50:48.163 [137994] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-05-22 21:50:48.163 [137994] info sirius.cpp::initialize Setting Sirius channel: release
2026-05-22 21:50:48.322 [137994] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-05-22 21:50:48.369 [137994] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-05-22 21:50:48.549 [137994] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-22 21:50:48.549 [138008] info telemetry_controller.cpp::processTelemetryData processing starting
2026-05-22 21:50:48.549 [138012] info communicator.cpp::processor processing starting
2026-05-22 21:50:51.565 [138011] info client.cpp::initialize Upgrade detected from mblinux/1.1.89 to mblinux/1.1.90
2026-05-22 21:50:51.566 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-22 21:50:51.566 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-22 21:50:51.570 [138011] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.ars
2026-05-22 21:50:51.570 [138011] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 21:50:51.745 [138011] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-22 21:50:51.745 [138011] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.ars, using old version
2026-05-22 21:50:51.745 [138011] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-05-22 21:50:51.750 [138011] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-05-22 21:50:51.750 [138011] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 21:50:51.899 [138011] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-22 21:50:51.899 [138011] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-05-22 21:50:51.899 [138011] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-05-22 21:50:51.904 [138011] info schedule_store.cpp::load Loaded nebula schedules
2026-05-22 21:50:52.003 [138011] info client.cpp::callSync []
2026-05-22 21:50:52.088 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-22 21:50:52.088 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-22 21:50:52.550 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 21:50:53.092 [138011] info client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2026-05-22 21:50:53.092 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-22 21:50:53.092 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-22 21:50:53.093 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-22 21:50:53.093 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-22 21:50:53.093 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-22 21:50:57.821 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-22 21:50:57.872 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-22 21:50:57.872 [138009] info on_timer.cpp::update No agent updates available
2026-05-22 21:50:57.872 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-22 21:50:58.021 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-22 21:50:58.021 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-22 21:50:58.290 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-22 21:50:58.404 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.109994
2026-05-22 21:50:59.395 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.109994
2026-05-22 21:50:59.395 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.109994
2026-05-22 21:50:59.460 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-22 21:50:59.585 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-22 21:51:03.148 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-22 21:51:04.156 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-22 21:51:12.495 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 356140081152, \"freespace_total\": 356140081152, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717582712832, \"freespace_total\": 717582712832, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2036084736, \"free_virtual\": 8459907072, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-22 21:51:12.524 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "98e2623782fec0edc06f29af482261c3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-22 21:51:12.638 [138011] info client.cpp::syncExclusions Updated exclusions: 2303fe608a567fbc1a57d3472670d57e
2026-05-22 21:51:12.648 [138011] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-05-22 21:51:12.648 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 21:51:12.799 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-22 21:51:16.804 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "98e2623782fec0edc06f29af482261c3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-22 21:51:16.804 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 2303fe608a567fbc1a57d3472670d57e
2026-05-22 21:51:16.804 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-22 21:51:16.805 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-22 23:45:30.852 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-22 23:45:30.924 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 00:51:12.926 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 00:51:12.998 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 02:24:48.999 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 02:24:49.076 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 03:48:31.213 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 03:48:31.284 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 05:33:49.302 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 05:33:50.140 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 06:41:20.271 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 06:41:20.341 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 08:14:56.343 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 08:14:56.416 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 09:22:26.417 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 09:22:26.489 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 10:57:50.490 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 10:57:50.588 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 12:08:57.596 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 12:08:57.666 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 13:38:03.668 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 13:38:03.739 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 14:46:27.741 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 14:46:27.813 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 16:43:28.820 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 16:43:28.913 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 18:04:28.914 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 18:04:28.985 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 19:18:17.122 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 19:18:17.192 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 20:50:05.193 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 20:50:05.263 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-23 21:51:04.438 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-23 21:51:07.235 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "98e2623782fec0edc06f29af482261c3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-23 21:51:09.765 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-23 21:51:09.766 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-23 21:51:09.766 [138009] info on_timer.cpp::update No agent updates available
2026-05-23 21:51:09.766 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-23 21:51:09.915 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-23 21:51:09.915 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-23 21:51:10.663 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-23 21:51:10.744 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110034
2026-05-23 21:51:11.249 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "98e2623782fec0edc06f29af482261c3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-23 21:51:11.714 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110034
2026-05-23 21:51:11.715 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110034
2026-05-23 21:51:11.842 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-23 21:51:12.002 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-23 21:51:12.003 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-23 21:51:12.153 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-23 21:51:12.153 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-23 21:51:12.153 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-23 22:48:53.266 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-23 22:48:53.338 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 00:08:59.339 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 00:08:59.409 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 01:28:11.410 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 01:28:11.480 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 02:02:00.558 [138011] info on_nebula.cpp::handle Performing threat scan
2026-05-24 04:52:41.810 [138011] info on_nebula.cpp::handle Scan complete, duration: 10241
2026-05-24 04:52:41.819 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-24 04:52:41.820 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 04:52:41.891 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 05:54:47.892 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 05:54:47.966 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 06:30:16.643 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-05-24 06:30:16.748 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-24 06:30:16.748 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-24 06:30:16.748 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-24 06:30:17.760 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "e070a345a720a868fdd4d93df58a6028:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-24 06:30:17.763 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-24 06:30:17.763 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-24 06:30:17.856 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1779618617
2026-05-24 06:30:17.856 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779618617
2026-05-24 06:30:17.856 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-24 06:30:17.857 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-24 07:00:58.200 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-24 07:00:58.200 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-24 07:00:58.200 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-24 07:00:58.200 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-24 07:00:58.201 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-24 07:00:58.201 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-24 07:01:08.304 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-24 07:01:09.312 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-24 07:01:17.670 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 352941797376, \"freespace_total\": 352941797376, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717558542336, \"freespace_total\": 717558542336, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5083541504, \"free_virtual\": 8335126528, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-24 07:01:17.733 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-24 07:49:05.969 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 07:49:06.041 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 09:47:54.043 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 09:47:54.117 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 11:26:54.119 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 11:26:54.192 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 12:32:36.193 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 12:32:36.265 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 14:22:24.267 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 14:22:24.337 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 15:52:24.339 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 15:52:24.410 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 17:47:36.411 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 17:47:36.482 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 19:05:54.483 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 19:05:54.554 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 20:42:12.555 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 20:42:12.650 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 21:51:16.345 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-24 21:51:21.736 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-24 21:51:21.736 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-24 21:51:21.736 [138009] info on_timer.cpp::update No agent updates available
2026-05-24 21:51:21.736 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-24 21:51:21.890 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-24 21:51:21.890 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-24 21:51:22.141 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-24 21:51:22.364 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110078
2026-05-24 21:51:23.421 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110078
2026-05-24 21:51:23.421 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110078
2026-05-24 21:51:23.551 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-24 21:51:23.795 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-24 21:51:24.006 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-24 21:51:24.156 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-24 21:51:24.156 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-24 21:51:24.157 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-24 22:32:00.662 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 22:32:00.734 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-24 23:43:07.747 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-24 23:43:07.817 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 01:35:37.819 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 01:35:37.891 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 02:01:59.947 [138011] info on_nebula.cpp::handle Performing threat scan
2026-05-25 03:01:26.243 [138011] info on_nebula.cpp::handle Scan complete, duration: 3567
2026-05-25 03:01:26.443 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-25 03:01:26.444 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 03:01:26.513 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 04:31:27.524 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 04:31:27.596 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 06:13:09.701 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 06:13:13.159 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 07:00:59.283 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-25 07:00:59.283 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-25 07:00:59.283 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-25 07:00:59.283 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-25 07:00:59.284 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-25 07:00:59.285 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-25 07:01:10.402 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-25 07:01:11.413 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-25 07:01:19.838 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 351091019776, \"freespace_total\": 351091019776, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717513404416, \"freespace_total\": 717513404416, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4300398592, \"free_virtual\": 8356098048, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-25 07:01:19.885 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-25 08:12:01.161 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 08:12:01.233 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 08:15:01.378 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-05-25 08:15:01.492 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-25 08:15:01.492 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-25 08:15:01.493 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-25 08:15:02.638 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-25 08:15:02.638 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-25 08:15:02.640 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-25 08:15:02.740 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1779711302
2026-05-25 08:15:02.740 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1779711302
2026-05-25 08:15:02.740 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-25 08:15:02.743 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-25 09:51:01.234 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 09:51:01.306 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 10:59:25.308 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 10:59:25.379 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 12:18:38.390 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 12:18:38.463 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 13:23:26.465 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 13:23:26.534 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 15:06:02.540 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 15:06:02.609 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 16:35:08.610 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 16:35:08.683 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 18:24:56.684 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 18:24:56.762 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 20:21:02.764 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 20:21:02.835 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-25 21:51:27.738 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-25 21:51:43.025 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-25 21:51:45.280 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-25 21:51:45.281 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-25 21:51:45.281 [138009] info on_timer.cpp::update No agent updates available
2026-05-25 21:51:45.281 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-25 21:51:45.432 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-25 21:51:45.432 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-25 21:51:45.688 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-25 21:51:45.804 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110126
2026-05-25 21:51:47.040 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110126
2026-05-25 21:51:47.040 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110126
2026-05-25 21:51:47.154 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-25 21:51:47.318 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-25 21:51:47.318 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-25 21:51:47.469 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-25 21:51:47.469 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-25 21:51:47.469 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-25 21:52:31.987 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-25 22:18:02.836 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-25 22:18:02.945 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 00:18:39.144 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 00:18:39.216 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 02:01:59.365 [138011] info on_nebula.cpp::handle Performing threat scan
2026-05-26 06:36:33.945 [138011] info on_nebula.cpp::handle Scan complete, duration: 16474
2026-05-26 06:36:34.434 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-26 06:36:34.436 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 06:36:34.505 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 07:01:00.535 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-26 07:01:00.535 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-26 07:01:00.535 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-26 07:01:00.535 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-26 07:01:00.536 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-26 07:01:00.536 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-26 07:01:11.176 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-26 07:01:12.190 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-26 07:01:20.631 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 359012528128, \"freespace_total\": 359012528128, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717126410240, \"freespace_total\": 717126410240, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 471150592, \"free_virtual\": 7937978368, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\":
2026-05-26 07:01:20.664 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-26 07:48:34.506 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 07:48:34.576 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 09:32:59.589 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 09:32:59.658 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 11:27:17.660 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 11:27:17.730 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 12:38:23.732 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 12:38:23.808 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 14:26:23.809 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 14:26:23.881 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 16:12:35.883 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 16:12:51.452 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 18:04:27.453 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 18:04:27.562 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 19:57:51.564 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 19:57:51.673 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 21:30:33.674 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 21:30:33.744 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-26 21:51:52.136 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-26 21:51:54.507 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-26 21:51:54.507 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-26 21:51:54.507 [138009] info on_timer.cpp::update No agent updates available
2026-05-26 21:51:54.507 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-26 21:51:54.660 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-26 21:51:54.660 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-26 21:51:55.424 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-26 21:51:55.504 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110176
2026-05-26 21:51:56.571 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-26 21:51:56.686 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110176
2026-05-26 21:51:56.686 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110176
2026-05-26 21:51:56.765 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-26 21:51:56.972 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-26 21:51:56.972 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-26 21:51:57.122 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-26 21:51:57.122 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-26 21:51:57.123 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-26 21:52:00.585 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-26 23:15:51.748 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-26 23:15:51.820 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 01:12:52.013 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 01:12:52.083 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 02:01:58.187 [138011] info on_nebula.cpp::handle Performing threat scan
2026-05-27 03:11:19.536 [138011] info on_nebula.cpp::handle Scan complete, duration: 4161
2026-05-27 03:11:19.543 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-27 03:11:19.544 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 03:11:19.615 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 04:27:49.617 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 04:27:49.686 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 05:38:01.889 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 05:38:01.961 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 07:23:19.963 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 07:23:20.033 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 09:14:02.034 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 09:14:02.106 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 10:15:14.106 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 10:15:14.178 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 12:08:38.179 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 12:08:38.250 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 14:07:27.262 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 14:07:27.339 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 15:12:15.340 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 15:12:15.412 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 17:02:57.601 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 17:02:57.671 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 18:09:33.673 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 18:09:33.768 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 19:53:57.770 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 19:53:57.841 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 21:26:39.843 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 21:26:39.907 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-27 21:52:01.172 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-27 21:52:06.004 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-27 21:52:08.097 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-27 21:52:08.097 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-27 21:52:08.097 [138009] info on_timer.cpp::update No agent updates available
2026-05-27 21:52:08.097 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-27 21:52:08.248 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-27 21:52:08.248 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-27 21:52:08.789 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-27 21:52:09.657 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110228
2026-05-27 21:52:10.972 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110228
2026-05-27 21:52:10.972 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110228
2026-05-27 21:52:11.754 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-27 21:52:11.964 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-27 21:52:11.964 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-27 21:52:12.110 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-27 21:52:12.110 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-27 21:52:12.111 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-27 21:52:17.077 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-27 23:21:51.907 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-27 23:21:51.976 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 01:06:15.978 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 01:06:16.049 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 02:52:28.051 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 02:52:28.116 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 04:08:58.117 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 04:08:58.216 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 05:18:17.232 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 05:18:17.302 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 06:25:48.320 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 06:25:48.393 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 07:00:58.430 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-28 07:00:58.430 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-28 07:00:58.431 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-28 07:00:58.431 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-28 07:00:58.432 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-28 07:00:58.432 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-28 07:01:05.821 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-28 07:01:06.836 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-28 07:01:13.709 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 356488925184, \"freespace_total\": 356488925184, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716903460864, \"freespace_total\": 716903460864, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4608757760, \"free_virtual\": 8070623232, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-28 07:01:13.881 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-28 07:53:06.394 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 07:53:06.464 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 09:37:31.476 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 09:37:31.547 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 11:25:32.560 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 11:25:32.631 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 13:09:56.633 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 13:09:56.706 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 14:30:56.719 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 14:30:56.827 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 15:42:17.067 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 15:42:18.185 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 16:47:07.101 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 16:47:07.172 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 18:19:50.189 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 18:19:50.260 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 19:39:56.261 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 19:39:56.332 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 21:31:32.331 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 21:31:32.401 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-28 21:52:16.263 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-28 21:52:21.591 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-28 21:52:21.627 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-28 21:52:21.634 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-28 21:52:21.634 [138009] info on_timer.cpp::update No agent updates available
2026-05-28 21:52:21.634 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-28 21:52:21.786 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-28 21:52:21.786 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-28 21:52:22.036 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-28 21:52:22.550 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110262
2026-05-28 21:52:24.950 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110262
2026-05-28 21:52:24.950 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110262
2026-05-28 21:52:25.649 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-28 21:52:25.846 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-28 21:52:26.768 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-28 21:52:26.768 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-28 21:52:26.920 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-28 21:52:26.920 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-28 21:52:26.921 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-28 21:52:28.669 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "fdbe300a7fde59c0a68bde9da36963b0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-28 22:47:08.404 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-28 22:47:08.496 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 00:20:44.497 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 00:20:44.569 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 00:56:35.613 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-05-29 00:56:35.702 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-29 00:56:35.702 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-29 00:56:35.702 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-29 00:56:38.051 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "38009890e7ec80864eace59558ef44b1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-29 00:56:38.052 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-29 00:56:38.052 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-29 00:56:38.130 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780030598
2026-05-29 00:56:38.130 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780030598
2026-05-29 00:56:38.130 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-29 00:56:38.133 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-29 01:47:09.582 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 01:47:09.655 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 02:01:58.754 [138011] info on_nebula.cpp::handle Performing threat scan
2026-05-29 05:08:36.893 [138011] info on_nebula.cpp::handle Scan complete, duration: 11198
2026-05-29 05:08:36.935 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-29 05:08:36.937 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 05:08:37.040 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 06:19:43.041 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 06:19:43.111 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 07:47:01.112 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 07:47:01.183 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 09:47:37.185 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 09:47:37.255 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 11:15:49.257 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 11:15:49.327 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 12:26:01.328 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 12:26:01.416 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 13:45:13.417 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 13:45:13.487 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 15:37:43.488 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 15:37:43.558 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 16:39:49.559 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 16:39:49.631 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 18:26:55.632 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 18:26:55.702 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 20:03:13.703 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 20:03:13.815 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 21:52:31.217 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-29 21:52:35.212 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "38009890e7ec80864eace59558ef44b1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-29 21:52:36.604 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-29 21:52:36.604 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-29 21:52:36.604 [138009] info on_timer.cpp::update No agent updates available
2026-05-29 21:52:36.604 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-29 21:52:36.756 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-29 21:52:36.756 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-29 21:52:37.536 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-29 21:52:37.742 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110310
2026-05-29 21:52:38.226 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "38009890e7ec80864eace59558ef44b1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-29 21:52:38.820 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110310
2026-05-29 21:52:38.820 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110310
2026-05-29 21:52:38.957 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-29 21:52:39.140 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-29 21:52:39.140 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-29 21:52:39.290 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-29 21:52:39.290 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-29 21:52:39.291 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-29 22:00:14.124 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 22:00:14.195 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-29 23:18:32.901 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-29 23:18:32.971 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 00:30:40.122 [138011] info client.cpp::callSync []
2026-05-30 00:30:41.207 [138011] info client.cpp::syncExclusions Updated exclusions: 9af39a38e871e4d26b8ba3c2a839e2bf
2026-05-30 00:30:41.207 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 9af39a38e871e4d26b8ba3c2a839e2bf
2026-05-30 00:30:41.207 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-30 00:30:41.209 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-30 00:30:41.211 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 00:30:41.284 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 01:51:41.496 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 01:51:41.566 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 02:01:58.664 [138011] info on_nebula.cpp::handle Performing threat scan
2026-05-30 03:06:25.450 [138011] info on_nebula.cpp::handle Scan complete, duration: 3867
2026-05-30 03:06:25.453 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-30 03:06:25.454 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 03:06:25.530 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 04:40:01.531 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 04:40:01.603 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 05:44:49.604 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 05:44:49.677 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 07:23:49.680 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 07:23:49.752 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 09:10:02.765 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 09:10:02.839 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 11:02:32.840 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 11:02:44.354 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 12:30:56.356 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 12:30:56.426 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 13:31:14.852 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 13:31:14.923 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 14:58:55.115 [138011] info client.cpp::callSync []
2026-05-30 14:58:56.129 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 14:58:56.198 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 16:54:09.211 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 16:54:09.281 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 18:14:15.282 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 18:14:15.352 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 19:20:51.354 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 19:20:51.425 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 20:23:51.427 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 20:23:51.529 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 21:52:44.001 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-30 21:52:46.364 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-30 21:52:46.365 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-30 21:52:46.365 [138009] info on_timer.cpp::update No agent updates available
2026-05-30 21:52:46.365 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-30 21:52:46.518 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-30 21:52:46.518 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-30 21:52:46.760 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-30 21:52:46.846 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110334
2026-05-30 21:52:47.395 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "38009890e7ec80864eace59558ef44b1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-30 21:52:47.823 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110334
2026-05-30 21:52:47.823 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110334
2026-05-30 21:52:47.980 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-30 21:52:48.174 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-30 21:52:48.174 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-30 21:52:48.323 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-30 21:52:48.324 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-30 21:52:48.326 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-30 21:52:55.425 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "38009890e7ec80864eace59558ef44b1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-30 22:13:40.541 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 22:13:40.612 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-30 23:50:52.615 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-30 23:50:52.684 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 01:45:10.685 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 01:45:10.759 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 03:15:10.760 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 03:15:10.833 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 04:33:28.835 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 04:33:28.930 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 06:11:34.931 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 06:11:35.003 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 07:00:59.201 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-05-31 07:00:59.201 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-05-31 07:00:59.201 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-05-31 07:00:59.201 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-31 07:00:59.202 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-05-31 07:00:59.203 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-05-31 07:01:09.334 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-05-31 07:01:09.343 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-05-31 07:01:17.731 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 354277728256, \"freespace_total\": 354277728256, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716835663872, \"freespace_total\": 716835663872, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7587950592, \"free_virtual\": 8226861056, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-05-31 07:01:17.847 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-05-31 07:01:17.848 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 07:01:17.918 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 08:16:53.919 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 08:16:53.989 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 09:18:05.990 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 09:18:06.063 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 10:32:49.076 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 10:32:49.148 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 11:33:07.150 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 11:33:07.223 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 13:06:43.224 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 13:06:43.293 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 13:45:03.433 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-05-31 13:45:03.525 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-31 13:45:03.525 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-31 13:45:03.525 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-31 13:45:05.456 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "6ce327f5f6d5327ac8b3814731cdc712:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-31 13:45:05.456 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-31 13:45:05.456 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-31 13:45:05.537 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780249505
2026-05-31 13:45:05.537 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780249505
2026-05-31 13:45:05.537 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-31 13:45:05.540 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-31 14:12:25.295 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 14:12:25.366 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 15:11:31.079 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-05-31 15:11:31.185 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-31 15:11:31.185 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-31 15:11:31.185 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-31 15:11:32.197 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "e1957f40025012e79cb832d3a1db7a0b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-31 15:11:32.197 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-31 15:11:32.197 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-31 15:11:32.276 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780254692
2026-05-31 15:11:32.276 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780254692
2026-05-31 15:11:32.276 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-31 15:11:32.277 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-31 15:13:09.224 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-05-31 15:13:27.492 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-05-31 15:13:27.492 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-05-31 15:13:27.492 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-05-31 15:13:28.504 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "b49de653af38f3f9a26084b89c704d3e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-31 15:13:28.658 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-05-31 15:13:28.658 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-05-31 15:13:28.827 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780254808
2026-05-31 15:13:28.827 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780254808
2026-05-31 15:13:28.827 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-05-31 15:13:28.827 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-05-31 16:12:08.382 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 16:12:08.455 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 17:51:08.456 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 17:51:08.526 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 19:08:32.528 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 19:08:32.598 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 20:35:50.599 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 20:35:50.673 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 21:52:52.876 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-31 21:52:56.352 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "b49de653af38f3f9a26084b89c704d3e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-31 21:52:58.209 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-05-31 21:52:58.209 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-05-31 21:52:58.209 [138009] info on_timer.cpp::update No agent updates available
2026-05-31 21:52:58.209 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-31 21:52:58.359 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-05-31 21:52:58.359 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-05-31 21:52:58.609 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-05-31 21:52:58.811 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110364
2026-05-31 21:52:59.944 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110364
2026-05-31 21:52:59.944 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110364
2026-05-31 21:53:00.223 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-05-31 21:53:00.609 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-05-31 21:53:00.610 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-05-31 21:53:00.759 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-05-31 21:53:00.759 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-05-31 21:53:00.760 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-05-31 21:53:04.382 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "b49de653af38f3f9a26084b89c704d3e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-05-31 22:17:32.672 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 22:17:44.168 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-05-31 23:47:45.186 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-05-31 23:47:45.257 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 01:24:03.466 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 01:24:05.431 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 03:23:48.445 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 03:24:11.138 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 04:52:24.151 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 04:52:24.257 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 06:22:24.261 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 06:22:25.306 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 07:00:58.515 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-01 07:00:58.516 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-01 07:00:58.516 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-01 07:00:58.516 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-01 07:00:58.517 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-01 07:00:58.517 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-01 07:01:08.758 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-01 07:01:09.767 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-01 07:01:18.167 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 362271232000, \"freespace_total\": 362271232000, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716780544000, \"freespace_total\": 716780544000, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5779243008, \"free_virtual\": 8308649984, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-01 07:01:18.231 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-01 07:01:18.232 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 07:01:18.305 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 08:20:30.306 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 08:20:30.379 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 09:52:18.380 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 09:52:18.451 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 11:07:54.451 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 11:08:00.385 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 12:28:06.387 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 12:28:06.459 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 13:58:06.464 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 13:58:06.537 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 15:26:51.925 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-01 15:26:52.367 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-01 15:26:52.367 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-01 15:26:52.368 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-01 15:26:53.379 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "62c6e558caedb52582a32b5a04685700:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-01 15:26:53.380 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-01 15:26:53.380 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-01 15:26:53.464 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780342013
2026-06-01 15:26:53.464 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780342013
2026-06-01 15:26:53.464 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-01 15:26:53.469 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-01 15:54:13.550 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 15:54:13.621 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 17:32:19.622 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 17:32:19.694 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 18:47:02.706 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 18:47:02.776 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 20:26:02.777 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 20:26:02.867 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 21:53:05.019 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-01 21:53:09.332 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-01 21:53:09.332 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-01 21:53:09.332 [138009] info on_timer.cpp::update No agent updates available
2026-06-01 21:53:09.332 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-01 21:53:09.483 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-01 21:53:09.483 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-01 21:53:09.753 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-01 21:53:09.846 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110408
2026-06-01 21:53:10.896 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110408
2026-06-01 21:53:10.896 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110408
2026-06-01 21:53:11.045 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-01 21:53:11.233 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-01 21:53:11.234 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-01 21:53:11.384 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-01 21:53:11.384 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-01 21:53:11.385 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-01 22:21:14.868 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 22:21:14.956 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-01 23:44:56.958 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-01 23:44:57.030 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 01:39:15.039 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 01:39:15.107 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 03:24:33.108 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 03:24:33.179 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 05:06:16.192 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 05:06:16.264 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 06:40:47.277 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 06:40:47.349 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 07:01:00.456 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-02 07:01:00.456 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-02 07:01:00.456 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-02 07:01:00.456 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-02 07:01:00.457 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-02 07:01:00.457 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-02 07:01:09.582 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-02 07:01:09.591 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-02 07:01:17.965 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 370317742080, \"freespace_total\": 370317742080, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716843573248, \"freespace_total\": 716843573248, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 12465717248, \"free_virtual\": 8346398720, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\
2026-06-02 07:01:18.021 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-02 07:56:23.350 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 07:56:23.423 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 09:05:42.437 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 09:05:42.508 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 10:55:30.509 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 10:55:30.582 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 12:49:48.584 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 12:49:48.673 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 14:31:30.672 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 14:31:30.743 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 14:39:16.037 [138011] info client.cpp::registerRefresh nebula client refresh success
2026-06-02 14:39:16.037 [138011] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-06-02 14:39:16.037 [138011] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-06-02 14:39:16.061 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 14:39:16.129 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 15:37:21.240 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-02 15:37:21.332 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-02 15:37:21.332 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-02 15:37:21.332 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-02 15:37:21.344 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-02 15:37:21.344 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-02 15:37:21.344 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-02 15:37:21.426 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780429041
2026-06-02 15:37:21.426 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780429041
2026-06-02 15:37:21.426 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-02 15:37:21.431 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-02 16:11:58.357 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 16:11:58.425 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 17:53:41.436 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 17:53:41.509 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 19:03:54.523 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 19:03:54.596 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 20:18:36.597 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 20:18:36.662 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 21:53:16.310 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-02 21:53:18.627 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-02 21:53:22.630 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-02 21:53:22.631 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-02 21:53:22.631 [138009] info on_timer.cpp::update No agent updates available
2026-06-02 21:53:22.631 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-02 21:53:22.775 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-02 21:53:22.775 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-02 21:53:22.936 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-02 21:53:22.966 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110442
2026-06-02 21:53:22.969 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110442
2026-06-02 21:53:22.969 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110442
2026-06-02 21:53:23.061 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-02 21:53:23.258 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-02 21:53:23.258 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-02 21:53:23.365 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-02 21:53:23.365 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-02 21:53:23.365 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-02 21:53:26.655 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-02 22:12:54.674 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 22:12:54.733 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-02 23:27:37.149 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-02 23:27:37.221 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 01:10:13.222 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 01:10:13.295 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 02:24:55.496 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 02:24:55.566 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 04:02:07.569 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 04:02:07.633 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 05:12:19.634 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 05:12:19.702 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 06:59:25.705 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 06:59:25.774 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 07:00:59.953 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-03 07:00:59.953 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-03 07:00:59.953 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-03 07:00:59.953 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-03 07:00:59.954 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-03 07:00:59.954 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-03 07:01:11.074 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-03 07:01:12.087 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-03 07:01:20.478 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 368324571136, \"freespace_total\": 368324571136, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716813357056, \"freespace_total\": 716813357056, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 14275993600, \"free_virtual\": 8362127360, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\
2026-06-03 07:01:20.536 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-03 08:58:13.775 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 08:58:13.847 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 10:01:13.848 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 10:01:13.919 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 11:02:26.127 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 11:02:26.224 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 12:43:14.224 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 12:43:29.045 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 14:40:29.046 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 14:40:29.114 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 16:05:06.127 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 16:05:06.239 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 17:23:24.242 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 17:23:24.313 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 18:26:24.314 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 18:26:24.374 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 19:42:54.375 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 19:42:54.445 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 20:43:13.459 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 20:43:13.527 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 21:53:28.210 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-03 21:53:29.386 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-03 21:53:33.401 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-03 21:53:33.558 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-03 21:53:33.561 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-03 21:53:33.561 [138009] info on_timer.cpp::update No agent updates available
2026-06-03 21:53:33.561 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-03 21:53:33.673 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-03 21:53:33.673 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-03 21:53:34.135 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-03 21:53:34.244 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110478
2026-06-03 21:53:35.582 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110478
2026-06-03 21:53:35.582 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110478
2026-06-03 21:53:35.921 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-03 21:53:36.128 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-03 21:53:36.128 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-03 21:53:36.314 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-03 21:53:36.314 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-03 21:53:36.314 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-03 21:53:37.417 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-03 22:25:49.532 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 22:25:49.598 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-03 23:30:37.599 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-03 23:30:37.663 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 00:51:38.677 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 00:51:38.748 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 02:27:02.740 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 02:27:02.804 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 03:35:26.814 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 03:35:26.908 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 05:36:02.911 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 05:36:03.602 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 06:39:04.617 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 06:39:04.682 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 07:01:00.759 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-04 07:01:00.759 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-04 07:01:00.759 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-04 07:01:00.759 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-04 07:01:00.759 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-04 07:01:00.759 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-04 07:01:07.892 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-04 07:01:08.901 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-04 07:01:15.297 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364400762880, \"freespace_total\": 364400762880, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716787740672, \"freespace_total\": 716787740672, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7194533888, \"free_virtual\": 8378118144, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-04 07:01:15.337 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-04 08:21:40.683 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 08:21:40.753 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 10:21:22.754 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 10:21:22.824 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 11:33:22.824 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 11:33:22.889 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 11:59:06.131 [138011] info client.cpp::callSync []
2026-06-04 11:59:07.226 [138011] info client.cpp::syncExclusions Updated exclusions: 826a32d541fd6b31a928e00c144da16a
2026-06-04 11:59:07.226 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 826a32d541fd6b31a928e00c144da16a
2026-06-04 11:59:07.226 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-04 11:59:07.227 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-04 11:59:07.229 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 11:59:07.290 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 13:29:08.304 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 13:29:08.369 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 15:15:20.371 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 15:15:20.435 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 16:21:03.445 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 16:21:03.513 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 17:25:52.527 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 17:25:52.591 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 18:34:16.602 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 18:34:16.668 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 19:43:34.666 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 19:43:34.735 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 21:42:22.743 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 21:42:22.802 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 21:51:31.049 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 21:51:31.121 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-04 21:53:41.215 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-04 21:53:43.212 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-04 21:53:46.540 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-04 21:53:46.542 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-04 21:53:46.542 [138009] info on_timer.cpp::update No agent updates available
2026-06-04 21:53:46.542 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-04 21:53:46.696 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-04 21:53:46.696 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-04 21:53:47.500 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-04 21:53:47.584 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110516
2026-06-04 21:53:48.794 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110516
2026-06-04 21:53:48.794 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110516
2026-06-04 21:53:48.922 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-04 21:53:49.122 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-04 21:53:49.122 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-04 21:53:49.278 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-04 21:53:49.279 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-04 21:53:49.279 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-04 21:53:51.245 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "4b65f411fb8d3ddc51c102eb6b544238:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-04 23:10:43.217 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-04 23:10:43.286 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 00:38:55.541 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 00:38:55.610 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 01:58:07.606 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 01:58:07.672 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 02:01:59.737 [138011] info on_nebula.cpp::handle Performing threat scan
2026-06-05 04:32:20.780 [138011] info on_nebula.cpp::handle Scan complete, duration: 9021
2026-06-05 04:32:20.793 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-05 04:32:20.801 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 04:32:20.869 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 05:58:45.123 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 05:58:45.194 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 07:00:59.226 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-05 07:00:59.226 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-05 07:00:59.226 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-05 07:00:59.226 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-05 07:00:59.227 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-05 07:00:59.228 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-05 07:01:10.380 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-05 07:01:11.395 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-05 07:01:19.799 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 363129090048, \"freespace_total\": 363129090048, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716752121856, \"freespace_total\": 716752121856, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11923234816, \"free_virtual\": 8319397888, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\
2026-06-05 07:01:19.830 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-05 07:17:04.206 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 07:17:04.271 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 08:50:41.277 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 08:50:41.341 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 09:51:00.357 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 09:51:00.423 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 11:24:36.424 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 11:24:36.489 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 12:25:48.741 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 12:25:48.806 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 13:37:48.807 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 13:37:48.877 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 15:12:18.880 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 15:12:18.950 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 15:41:40.718 [138011] info client.cpp::sync Command received : event.machine.sync
2026-06-05 15:41:40.993 [138011] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-06-05 16:24:19.186 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 16:24:19.252 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 18:24:01.253 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 18:24:01.313 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 19:06:10.507 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-05 19:06:10.646 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-05 19:06:10.646 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-05 19:06:10.647 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-05 19:06:11.661 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-05 19:06:11.662 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-05 19:06:11.663 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-05 19:06:11.739 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780700771
2026-06-05 19:06:11.739 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780700771
2026-06-05 19:06:11.739 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-05 19:06:11.740 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-05 20:08:25.315 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 20:08:25.380 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 21:31:13.412 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 21:31:13.509 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 21:40:01.092 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 21:40:27.379 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 21:41:28.924 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 21:41:30.763 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 21:45:21.843 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 21:45:32.553 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 21:46:49.910 [138000] error plugin_manager.cpp::operator() plugin epa.linux.plugin.edr crashed, restarting
2026-06-05 21:46:54.054 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-05 21:46:55.871 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 21:46:57.287 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-05 21:50:44.873 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-05 21:53:53.884 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-05 21:53:53.999 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-05 21:53:54.398 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-05 21:53:54.398 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-05 21:53:54.398 [138009] info on_timer.cpp::update No agent updates available
2026-06-05 21:53:54.398 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-05 21:53:54.610 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-05 21:53:54.610 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-05 21:53:54.791 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-05 21:53:54.878 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110562
2026-06-05 21:53:54.990 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110562
2026-06-05 21:53:54.990 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110562
2026-06-05 21:53:55.059 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-05 21:53:57.035 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-05 21:53:57.037 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-05 21:53:57.146 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-05 21:53:57.146 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-05 21:53:57.147 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-05 23:36:45.305 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-05 23:36:45.372 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 01:00:27.386 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 01:00:27.452 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 01:27:57.627 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 01:28:01.641 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 02:01:59.522 [138011] info on_nebula.cpp::handle Performing threat scan
2026-06-06 03:19:36.923 [138011] info on_nebula.cpp::handle Scan complete, duration: 4657
2026-06-06 03:19:36.944 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-06 03:19:36.945 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 03:19:37.029 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 05:03:07.271 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 05:03:07.333 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 06:20:32.343 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 06:20:32.408 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 07:01:00.622 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-06 07:01:00.622 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-06 07:01:00.622 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-06 07:01:00.622 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-06 07:01:00.640 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-06 07:01:00.640 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-06 07:01:10.776 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-06 07:01:11.791 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-06 07:01:20.191 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 361364017152, \"freespace_total\": 361364017152, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716705595392, \"freespace_total\": 716705595392, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6625992704, \"free_virtual\": 3137675264, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-06 07:01:20.243 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-06 07:01:20.244 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 07:01:20.311 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 08:16:02.312 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 08:16:02.376 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 09:19:02.377 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 09:19:02.449 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 10:49:02.451 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 10:49:02.552 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 12:43:20.554 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 12:43:20.624 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 14:22:20.645 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 14:22:20.718 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 16:03:08.708 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 16:03:08.801 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 17:29:32.801 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 17:29:32.868 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 19:04:02.869 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 19:04:02.935 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 20:19:39.180 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 20:19:39.246 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-06 21:54:01.285 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-06 21:54:02.567 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 21:54:06.583 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 21:54:07.663 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-06 21:54:07.667 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-06 21:54:07.667 [138009] info on_timer.cpp::update No agent updates available
2026-06-06 21:54:07.667 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-06 21:54:07.813 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-06 21:54:07.814 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-06 21:54:08.608 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-06 21:54:08.672 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110610
2026-06-06 21:54:09.955 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110610
2026-06-06 21:54:09.956 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110610
2026-06-06 21:54:10.089 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-06 21:54:10.394 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-06 21:54:10.394 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-06 21:54:10.573 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-06 21:54:10.573 [138009] info sirius.cpp::downloadUpdates updating package: epa.linux.plugin.edr
2026-06-06 21:54:11.140 [138009] info sirius.cpp::backupEntry Backing up package: epa.linux.plugin.edr
2026-06-06 21:54:11.176 [138009] info sirius.cpp::download updated epa.linux.plugin.edr to version 1.0.115
2026-06-06 21:54:11.219 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-06 21:54:12.390 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 21:54:16.413 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 21:54:51.396 [138000] info sirius.cpp::unpack Extracting epa.linux.plugin.edr to /usr/share/mblinux/plugins/epa.linux.plugin.edr/
2026-06-06 21:54:52.400 [138000] info sirius.cpp::unpack Unpacked epa.linux.plugin.edr 1.0.115
2026-06-06 21:54:52.400 [138000] info sirius.cpp::installDownloaded installed epa.linux.plugin.edr 1.0.115
2026-06-06 21:55:00.566 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "16b30c42ef043f795104d6c2edd158d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-06 22:15:46.252 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-06 22:15:46.317 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 00:07:23.329 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 00:07:23.400 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 01:16:41.401 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 01:16:41.466 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 02:17:54.480 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 02:17:54.548 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 04:17:36.550 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 04:17:36.621 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 06:10:06.621 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 06:10:06.687 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 07:00:58.787 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-07 07:00:58.787 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-07 07:00:58.787 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-07 07:00:58.787 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 07:00:58.788 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-07 07:00:58.788 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-07 07:01:07.901 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-07 07:01:08.910 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-07 07:01:17.556 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 361416425472, \"freespace_total\": 361416425472, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716672270336, \"freespace_total\": 716672270336, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13816119296, \"free_virtual\": 4014546944, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\
2026-06-07 07:01:17.605 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-07 07:43:43.701 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 07:43:43.793 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 09:21:49.795 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 09:21:49.859 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 10:26:37.860 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 10:26:43.931 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 11:44:07.932 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 11:44:08.037 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 13:16:46.243 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-07 13:16:46.353 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 13:16:46.353 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-07 13:16:46.353 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-07 13:16:46.356 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 13:16:46.421 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 13:16:47.938 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "99059c7777c489d95693f20348343aa9:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 13:16:47.938 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-07 13:16:47.938 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-07 13:16:48.027 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780852607
2026-06-07 13:16:48.027 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780852607
2026-06-07 13:16:48.027 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-07 13:16:48.029 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-07 13:36:19.973 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-07 13:36:20.217 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 13:36:20.217 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-07 13:36:20.218 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-07 13:36:21.229 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "1ca9d819ad9389673a2ddd3ff44f35c1:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 13:36:21.229 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-07 13:36:21.229 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-07 13:36:21.298 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780853781
2026-06-07 13:36:21.298 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780853781
2026-06-07 13:36:21.298 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-07 13:36:21.303 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-07 13:38:22.620 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-07 13:38:22.764 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 13:38:22.764 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-07 13:38:22.764 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-07 13:38:24.086 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "7019d41754ee78fb77005d4dfedcd010:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 13:38:24.087 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-07 13:38:24.087 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-07 13:38:24.161 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780853904
2026-06-07 13:38:24.161 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780853904
2026-06-07 13:38:24.161 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-07 13:38:24.166 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-07 13:42:03.657 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-07 13:42:03.774 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 13:42:03.774 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-07 13:42:03.774 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-07 13:42:04.785 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "460a23bb7ddaa4b993ff43bc73b7fa89:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 13:42:04.786 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-07 13:42:04.786 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-07 13:42:04.865 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780854124
2026-06-07 13:42:04.866 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780854124
2026-06-07 13:42:04.866 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-07 13:42:04.877 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-07 13:43:02.634 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-07 13:43:02.711 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 13:43:02.711 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-07 13:43:02.711 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-07 13:43:03.173 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "d5ef162deb1941204310c675249cbaab:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 13:43:03.173 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-07 13:43:03.173 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-07 13:43:03.247 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780854183
2026-06-07 13:43:03.247 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780854183
2026-06-07 13:43:03.247 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-07 13:43:03.249 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-07 13:46:18.148 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-07 13:46:18.237 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-07 13:46:18.237 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-07 13:46:18.237 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-07 13:46:20.969 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "dd9adeec16b209ee0d324e49337dee9a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 13:46:20.970 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-07 13:46:20.970 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-07 13:46:21.057 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780854380
2026-06-07 13:46:21.057 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780854380
2026-06-07 13:46:21.057 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-07 13:46:21.058 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-07 14:57:34.622 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 14:57:34.686 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 16:42:52.687 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 16:42:52.752 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 18:11:58.753 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 18:11:58.818 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 19:53:40.819 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 19:53:40.885 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 20:54:52.886 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 20:54:52.956 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 21:54:15.243 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-07 21:54:19.573 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-07 21:54:19.573 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-07 21:54:19.573 [138009] info on_timer.cpp::update No agent updates available
2026-06-07 21:54:19.573 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-07 21:54:19.730 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-07 21:54:19.730 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-07 21:54:19.992 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "dd9adeec16b209ee0d324e49337dee9a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 21:54:20.538 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-07 21:54:20.650 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110654
2026-06-07 21:54:22.113 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110654
2026-06-07 21:54:22.113 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110654
2026-06-07 21:54:22.253 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-07 21:54:22.587 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-07 21:54:22.588 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-07 21:54:22.787 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-07 21:54:22.787 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-07 21:54:22.787 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-07 21:54:28.027 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "dd9adeec16b209ee0d324e49337dee9a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-07 22:09:34.949 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 22:09:35.020 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-07 23:10:47.021 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-07 23:10:47.091 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 00:12:00.110 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 00:12:00.180 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 00:29:56.308 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-08 00:29:56.590 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-08 00:29:56.590 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-08 00:29:56.590 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-08 00:29:57.603 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "87326fe4637720b5bb50941dc049ac31:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-08 00:29:57.603 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-08 00:29:57.603 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-08 00:29:57.691 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1780892997
2026-06-08 00:29:57.691 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1780892997
2026-06-08 00:29:57.691 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-08 00:29:57.705 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-08 01:27:37.192 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 01:27:37.258 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 02:01:58.302 [138011] info on_nebula.cpp::handle Performing threat scan
2026-06-08 04:34:07.822 [138011] info on_nebula.cpp::handle Scan complete, duration: 9129
2026-06-08 04:34:07.824 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-08 04:34:07.825 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 04:34:07.895 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 05:45:13.897 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 05:45:16.918 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 07:01:00.955 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-08 07:01:00.955 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-08 07:01:00.955 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-08 07:01:00.955 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-08 07:01:00.956 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-08 07:01:00.956 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-08 07:01:08.090 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-08 07:01:09.101 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-08 07:01:17.504 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 367981158400, \"freespace_total\": 367981158400, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716634644480, \"freespace_total\": 716634644480, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9146847232, \"free_virtual\": 4304740352, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-08 07:01:17.552 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-08 07:41:22.918 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 07:41:22.983 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 09:13:10.983 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 09:13:11.048 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 11:07:29.282 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 11:07:29.390 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 12:54:35.393 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 12:54:35.464 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 13:57:36.477 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 13:57:36.567 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 15:00:36.779 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 15:00:36.843 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 16:39:36.843 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 16:39:36.915 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 16:49:54.112 [138011] info client.cpp::callSync []
2026-06-08 16:49:55.191 [138011] info client.cpp::syncExclusions Updated exclusions: d6d64f05e33503c3bc38bc55105f3bca
2026-06-08 16:49:55.191 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: d6d64f05e33503c3bc38bc55105f3bca
2026-06-08 16:49:55.191 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-08 16:49:55.195 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-08 16:49:55.197 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 16:49:55.303 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 18:31:38.316 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 18:31:38.381 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 19:52:38.380 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 19:52:38.445 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 21:08:14.446 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 21:08:14.510 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-08 21:54:27.559 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-08 21:54:32.374 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "87326fe4637720b5bb50941dc049ac31:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-08 21:54:33.941 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-08 21:54:33.946 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-08 21:54:33.946 [138009] info on_timer.cpp::update No agent updates available
2026-06-08 21:54:33.946 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-08 21:54:34.101 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-08 21:54:34.101 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-08 21:54:34.847 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-08 21:54:35.117 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110700
2026-06-08 21:54:36.390 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "87326fe4637720b5bb50941dc049ac31:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-08 21:54:36.461 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110700
2026-06-08 21:54:36.461 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110700
2026-06-08 21:54:36.783 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-08 21:54:36.996 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-08 21:54:36.997 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-08 21:54:37.159 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-08 21:54:37.159 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-08 21:54:37.159 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-08 22:52:38.518 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-08 22:52:38.583 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 00:07:21.598 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 00:07:21.664 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 01:58:57.676 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 01:58:57.746 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 02:01:59.844 [138011] info on_nebula.cpp::handle Performing threat scan
2026-06-09 05:49:51.521 [138011] info on_nebula.cpp::handle Scan complete, duration: 13672
2026-06-09 05:49:52.256 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-09 05:49:52.257 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 05:49:52.328 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 07:00:59.342 [138011] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-09 07:00:59.342 [138011] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-09 07:00:59.342 [138011] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-09 07:00:59.342 [138011] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-09 07:00:59.342 [138011] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-09 07:00:59.342 [138011] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-09 07:01:07.475 [138011] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-09 07:01:08.484 [138011] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-09 07:01:16.893 [138011] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366991785984, \"freespace_total\": 366991785984, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716595011584, \"freespace_total\": 716595011584, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.90\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6572339200, \"free_virtual\": 5061550080, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-09 07:01:16.924 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-09 07:01:16.925 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 07:01:16.988 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 08:58:16.989 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 08:58:17.061 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 10:01:17.062 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 10:01:17.129 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 11:30:23.128 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 11:30:23.199 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 12:38:47.196 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 12:38:47.255 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 13:16:52.647 [138011] info client.cpp::sync Command received : event.policy.refresh
2026-06-09 13:16:53.166 [138011] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-09 13:16:53.166 [138011] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-09 13:16:53.166 [138011] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-09 13:16:54.549 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "0793819f90a6c6173884f48b5c9f458e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-09 13:16:54.549 [138011] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-09 13:16:54.549 [138011] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-09 13:16:54.641 [138011] info client.cpp::syncExclusions Updated exclusions: nebula-1781025414
2026-06-09 13:16:54.641 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781025414
2026-06-09 13:16:54.641 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-09 13:16:54.644 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-09 14:04:17.259 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 14:04:17.328 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 15:57:41.333 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 15:57:41.405 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 17:53:47.408 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 17:53:47.478 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 19:29:11.479 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 19:29:11.545 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 20:44:47.545 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 20:44:47.613 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-09 21:54:41.990 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-09 21:54:45.359 [138009] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-09 21:54:45.360 [138009] info update.cpp::launchAgentUpdate No agent updates available
2026-06-09 21:54:45.360 [138009] info on_timer.cpp::update No agent updates available
2026-06-09 21:54:45.360 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-09 21:54:45.520 [138009] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-09 21:54:45.521 [138009] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-09 21:54:45.601 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "0793819f90a6c6173884f48b5c9f458e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-09 21:54:46.333 [138009] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-09 21:54:46.478 [138009] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110742
2026-06-09 21:54:47.702 [138009] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110742
2026-06-09 21:54:47.702 [138009] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110742
2026-06-09 21:54:47.883 [138009] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-09 21:54:48.089 [138009] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-09 21:54:48.089 [138009] info sirius.cpp::downloadUpdates checking for new updates
2026-06-09 21:54:48.251 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-09 21:54:48.251 [138009] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-09 21:54:48.251 [138009] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-09 21:55:14.504 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "0793819f90a6c6173884f48b5c9f458e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-09 22:21:59.612 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-09 22:21:59.678 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 00:04:36.690 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 00:04:36.752 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 01:51:42.753 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 01:51:42.815 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 02:02:00.907 [138011] info on_nebula.cpp::handle Performing threat scan
2026-06-10 03:20:32.372 [138011] info on_nebula.cpp::handle Scan complete, duration: 4712
2026-06-10 03:20:32.373 [138011] info schedule_store.cpp::save Saved nebula schedules
2026-06-10 03:20:32.375 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 03:20:32.439 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 05:15:44.669 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 05:15:44.734 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 07:12:44.735 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 07:12:44.800 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 07:38:27.103 [138011] info client.cpp::callSync []
2026-06-10 07:38:28.185 [138011] info client.cpp::syncExclusions Updated exclusions: d69506c92dd217f1d5f9f7c68b20b14c
2026-06-10 07:38:28.185 [138011] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: d69506c92dd217f1d5f9f7c68b20b14c
2026-06-10 07:38:28.185 [138011] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-10 07:38:28.190 [138011] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-10 07:38:28.192 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 07:38:28.257 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 09:30:58.256 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 09:30:58.320 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 11:06:22.322 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 11:06:22.434 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 12:35:29.448 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 12:35:29.512 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 14:00:05.514 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 14:00:05.585 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 14:34:57.252 [138011] info client.cpp::sync Command received : event.machine.sync
2026-06-10 14:35:17.349 [138011] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-06-10 15:11:11.586 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 15:11:11.650 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 16:57:23.650 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 16:57:23.714 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 18:36:23.716 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 18:36:23.780 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 18:51:42.928 [138011] info client.cpp::sync Command received : event.machine.sync
2026-06-10 18:51:44.779 [138011] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-06-10 19:09:00.903 [138011] info client.cpp::sync Command received : event.machine.sync
2026-06-10 19:09:29.259 [138011] info client.cpp::callSync []
2026-06-10 19:09:39.328 [138011] warn client.cpp::syncPolicy NetworkError at /src/nebula/client.cpp:1080 ()
2026-06-10 19:13:54.938 [138011] info client.cpp::sync Command received : event.machine.sync
2026-06-10 19:13:55.009 [138011] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-06-10 20:28:54.012 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 20:28:54.077 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 21:42:42.084 [138011] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 21:42:42.230 [138011] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 21:52:13.108 [138008] info telemetry_controller.cpp::processTelemetryData processing exiting
2026-06-10 21:52:15.989 [138011] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.90", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.90", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "0793819f90a6c6173884f48b5c9f458e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-10 21:52:17.031 [138012] info communicator.cpp::processor processing exited
2026-06-10 21:52:31.033 [137994] warn plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-06-10 21:52:31.484 [137994] warn plugin_manager.cpp::finalize failed to kill plugin epa.linux.plugin.edr
2026-06-10 21:52:31.484 [137994] warn plugin_manager.cpp::finalize OSError at /src/nebula/plugin_manager.cpp:515 ()
2026-06-10 21:52:32.484 [137994] info mbdaemon.cpp::main Exiting Main - 0
2026-06-10 21:52:32.531 [221708] info mbdaemon.cpp::main ************** mbdaemon has started - version 1.1.91 **************
2026-06-10 21:52:32.533 [221708] info mbdaemon.cpp::main logLevel is info
2026-06-10 21:52:32.533 [221708] info mbdaemon.cpp::main syslogLevel is warn
2026-06-10 21:52:32.533 [221708] info sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-06-10 21:52:32.533 [221708] info sirius.cpp::initialize Setting Sirius channel: release
2026-06-10 21:52:32.717 [221708] info sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-06-10 21:52:32.761 [221708] info telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-06-10 21:52:33.008 [221708] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-10 21:52:33.008 [221728] info telemetry_controller.cpp::processTelemetryData processing starting
2026-06-10 21:52:33.008 [221732] info communicator.cpp::processor processing starting
2026-06-10 21:52:36.031 [221731] info client.cpp::initialize Upgrade detected from mblinux/1.1.90 to mblinux/1.1.91
2026-06-10 21:52:36.031 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-10 21:52:36.031 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-10 21:52:36.133 [221731] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.ars
2026-06-10 21:52:36.133 [221731] info sirius.cpp::downloadUpdates checking for new updates
2026-06-10 21:52:36.326 [221731] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-10 21:52:36.326 [221731] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.ars, using old version
2026-06-10 21:52:36.326 [221731] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-06-10 21:52:36.595 [221731] info plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-06-10 21:52:36.595 [221731] info sirius.cpp::downloadUpdates checking for new updates
2026-06-10 21:52:36.755 [221731] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-10 21:52:36.799 [221731] info plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-06-10 21:52:36.799 [221731] info plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-06-10 21:52:36.818 [221731] info schedule_store.cpp::load Loaded nebula schedules
2026-06-10 21:52:36.906 [221731] info client.cpp::callSync []
2026-06-10 21:52:37.004 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-10 21:52:37.004 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-10 21:52:37.009 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-10 21:52:38.011 [221731] info client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2026-06-10 21:52:38.030 [221731] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-10 21:52:38.031 [221731] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-10 21:52:38.031 [221731] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-10 21:52:38.031 [221731] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-10 21:52:38.031 [221731] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-10 21:52:40.325 [221729] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-10 21:52:40.405 [221729] info update.cpp::launchAgentUpdate No agent updates available
2026-06-10 21:52:40.405 [221729] info on_timer.cpp::update No agent updates available
2026-06-10 21:52:40.405 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-10 21:52:40.553 [221729] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-10 21:52:40.553 [221729] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-10 21:52:41.443 [221729] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-10 21:52:41.766 [221729] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110780
2026-06-10 21:52:44.189 [221729] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110780
2026-06-10 21:52:44.189 [221729] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110780
2026-06-10 21:52:44.524 [221729] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-10 21:52:44.756 [221729] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-10 21:52:48.234 [221731] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-10 21:52:49.244 [221731] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-10 21:52:56.708 [221731] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 372985049088, \"freespace_total\": 372985049088, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716528230400, \"freespace_total\": 716528230400, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.91\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 28326055936, \"free_virtual\": 5685452800, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\
2026-06-10 21:52:56.754 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f3be91a9af87c0098e7a754075523f9-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-10 21:52:56.883 [221731] info client.cpp::syncExclusions Updated exclusions: 1d37c3a1028c08926902e658f4f7c548
2026-06-10 21:52:56.893 [221731] info client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-06-10 21:52:56.894 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 21:52:56.965 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-10 21:53:00.975 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "3f3be91a9af87c0098e7a754075523f9-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-10 21:53:00.976 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 1d37c3a1028c08926902e658f4f7c548
2026-06-10 21:53:00.976 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-10 21:53:00.977 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-10 23:16:39.349 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-10 23:16:39.420 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 00:34:57.422 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 00:34:57.491 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 02:02:00.622 [221731] info on_nebula.cpp::handle Performing threat scan
2026-06-11 04:27:44.412 [221731] info on_nebula.cpp::handle Scan complete, duration: 8744
2026-06-11 04:27:44.417 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-11 04:27:44.418 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 04:27:44.488 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 06:28:20.490 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 06:28:20.561 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 07:01:00.637 [221731] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-11 07:01:00.637 [221731] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-11 07:01:00.637 [221731] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-11 07:01:00.637 [221731] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-11 07:01:00.638 [221731] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-11 07:01:00.638 [221731] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-11 07:01:11.774 [221731] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-11 07:01:12.787 [221731] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-11 07:01:21.170 [221731] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 365523546112, \"freespace_total\": 365523546112, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716523044864, \"freespace_total\": 716523044864, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.91\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7027404800, \"free_virtual\": 5786640384, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-11 07:01:21.200 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-11 07:28:38.562 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 07:28:38.634 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 07:42:35.112 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-11 07:42:35.384 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-11 07:42:35.384 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-11 07:42:35.384 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-11 07:42:37.435 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "682499a5da92fa42e58a2d47da4ce980-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-11 07:42:37.436 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-11 07:42:37.436 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-11 07:42:37.522 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781178157
2026-06-11 07:42:37.522 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781178157
2026-06-11 07:42:37.522 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-11 07:42:37.523 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-11 09:07:39.648 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 09:07:39.739 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 10:25:03.741 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 10:25:03.806 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 11:42:27.808 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 11:42:27.872 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 13:03:27.874 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 13:03:27.940 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 14:33:27.941 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 14:33:28.006 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 16:18:46.007 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 16:18:46.071 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 17:41:34.073 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 17:41:34.137 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 19:07:04.139 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 19:07:04.203 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 20:07:22.205 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 20:07:22.270 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 21:52:40.074 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 21:52:40.145 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-11 21:52:49.580 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-11 21:52:52.186 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "682499a5da92fa42e58a2d47da4ce980-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-11 21:52:55.920 [221729] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-11 21:52:55.920 [221729] info update.cpp::launchAgentUpdate No agent updates available
2026-06-11 21:52:55.920 [221729] info on_timer.cpp::update No agent updates available
2026-06-11 21:52:55.920 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-11 21:52:56.069 [221729] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-11 21:52:56.069 [221729] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-11 21:52:56.200 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "682499a5da92fa42e58a2d47da4ce980-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-11 21:52:56.554 [221729] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-11 21:52:56.659 [221729] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110822
2026-06-11 21:52:57.877 [221729] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110822
2026-06-11 21:52:57.877 [221729] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110822
2026-06-11 21:52:57.977 [221729] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-11 21:52:58.223 [221729] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-11 21:52:58.223 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-11 21:52:58.378 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-11 21:52:58.378 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-11 21:52:58.379 [221729] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-11 23:02:52.343 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-11 23:02:52.412 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 00:34:40.413 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 00:34:40.483 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 01:59:16.485 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 01:59:16.575 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 03:24:46.575 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 03:24:46.679 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 05:15:28.682 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 05:15:28.747 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 07:00:59.808 [221731] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-12 07:00:59.808 [221731] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-12 07:00:59.808 [221731] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-12 07:00:59.808 [221731] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-12 07:00:59.809 [221731] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-12 07:00:59.809 [221731] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-12 07:01:10.940 [221731] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-12 07:01:11.954 [221731] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-12 07:01:20.342 [221731] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364733681664, \"freespace_total\": 364733681664, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716504973312, \"freespace_total\": 716504973312, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.91\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7148204032, \"free_virtual\": 6011297792, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-12 07:01:20.372 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-12 07:07:58.748 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 07:07:58.814 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 08:37:58.815 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 08:37:58.881 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 10:02:34.883 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 10:02:34.947 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 12:03:10.948 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 12:03:11.013 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 13:32:17.014 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 13:32:17.077 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 15:13:59.078 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 15:13:59.150 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 16:07:27.873 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-12 16:07:27.986 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-12 16:07:27.986 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-12 16:07:27.987 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-12 16:07:29.034 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "61e60d5d29bc098dce305a29a97d17f7-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-12 16:07:29.035 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-12 16:07:29.035 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-12 16:07:29.124 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781294849
2026-06-12 16:07:29.124 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781294849
2026-06-12 16:07:29.124 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-12 16:07:29.126 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-12 17:06:30.165 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 17:06:30.228 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 18:42:48.230 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 18:42:48.299 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 19:53:00.300 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 19:53:00.367 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 21:17:36.368 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 21:17:36.432 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-12 21:53:02.885 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-12 21:53:06.022 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "61e60d5d29bc098dce305a29a97d17f7-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-12 21:53:09.231 [221729] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-12 21:53:09.239 [221729] info update.cpp::launchAgentUpdate No agent updates available
2026-06-12 21:53:09.239 [221729] info on_timer.cpp::update No agent updates available
2026-06-12 21:53:09.239 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-12 21:53:09.398 [221729] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-12 21:53:09.398 [221729] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-12 21:53:09.886 [221729] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-12 21:53:10.158 [221729] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110860
2026-06-12 21:53:11.582 [221729] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110860
2026-06-12 21:53:11.582 [221729] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110860
2026-06-12 21:53:11.899 [221729] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-12 21:53:12.126 [221729] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-12 21:53:12.126 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-12 21:53:12.285 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-12 21:53:12.285 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-12 21:53:12.286 [221729] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-12 21:53:14.052 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "61e60d5d29bc098dce305a29a97d17f7-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-12 22:44:54.433 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-12 22:44:54.499 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 00:22:07.510 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 00:22:07.582 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 01:35:55.585 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 01:35:55.736 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 02:02:00.940 [221731] info on_nebula.cpp::handle Performing threat scan
2026-06-13 04:39:48.229 [221731] info on_nebula.cpp::handle Scan complete, duration: 9468
2026-06-13 04:39:48.237 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-13 04:39:48.239 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 04:39:48.303 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 06:20:37.317 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 06:20:37.387 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 07:38:02.400 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 07:38:02.506 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 08:54:32.507 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 08:54:32.579 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 09:56:38.581 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 09:56:38.653 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 11:41:56.654 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 11:41:56.723 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 13:01:08.725 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 13:01:08.790 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 14:22:09.014 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 14:22:09.087 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 16:20:57.088 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 16:20:57.159 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 17:34:45.159 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 17:34:45.226 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 18:39:33.227 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 18:39:33.299 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 20:15:52.313 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 20:15:52.384 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 21:48:34.385 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 21:48:34.443 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-13 21:53:16.444 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-13 21:53:20.065 [221729] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-13 21:53:20.070 [221729] info update.cpp::launchAgentUpdate No agent updates available
2026-06-13 21:53:20.070 [221729] info on_timer.cpp::update No agent updates available
2026-06-13 21:53:20.070 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-13 21:53:20.230 [221729] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-13 21:53:20.230 [221729] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-13 21:53:21.067 [221729] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-13 21:53:21.167 [221729] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110910
2026-06-13 21:53:22.643 [221729] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110910
2026-06-13 21:53:22.643 [221729] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110910
2026-06-13 21:53:22.975 [221729] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-13 21:53:23.214 [221729] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-13 21:53:23.215 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-13 21:53:23.375 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-13 21:53:23.375 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-13 21:53:23.376 [221729] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-13 23:45:34.446 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-13 23:45:34.512 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 01:08:23.525 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 01:08:23.591 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 03:07:11.592 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 03:07:11.656 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 04:31:47.658 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 04:31:47.727 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 05:50:59.729 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 05:50:59.794 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 07:00:58.976 [221731] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-14 07:00:58.976 [221731] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-14 07:00:58.976 [221731] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-14 07:00:58.976 [221731] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-14 07:00:58.977 [221731] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-14 07:00:58.994 [221731] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-14 07:01:08.124 [221731] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-14 07:01:08.138 [221731] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-14 07:01:15.764 [221731] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 363054985216, \"freespace_total\": 363054985216, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716462620672, \"freespace_total\": 716462620672, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.91\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6746341376, \"free_virtual\": 6258761728, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-14 07:01:15.802 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-14 07:33:35.795 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 07:33:35.864 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 09:29:41.866 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 09:29:41.957 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 10:39:53.958 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 10:39:54.029 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 12:36:54.030 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 12:36:54.100 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 14:26:42.101 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 14:26:42.166 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 16:18:18.167 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 16:18:18.227 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 17:39:18.228 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 17:39:18.308 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 19:17:24.310 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 19:17:24.368 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 20:38:24.369 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 20:38:24.439 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 21:53:28.073 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-14 21:53:30.228 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "61e60d5d29bc098dce305a29a97d17f7-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-14 21:53:32.415 [221729] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-14 21:53:32.416 [221729] info update.cpp::launchAgentUpdate No agent updates available
2026-06-14 21:53:32.416 [221729] info on_timer.cpp::update No agent updates available
2026-06-14 21:53:32.416 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-14 21:53:32.569 [221729] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-14 21:53:32.569 [221729] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-14 21:53:32.995 [221729] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-14 21:53:33.254 [221729] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110954
2026-06-14 21:53:34.584 [221729] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110954
2026-06-14 21:53:34.584 [221729] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110954
2026-06-14 21:53:34.934 [221729] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-14 21:53:35.133 [221729] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-14 21:53:35.134 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-14 21:53:35.292 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-14 21:53:35.292 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-14 21:53:35.292 [221729] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-14 21:53:46.289 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "61e60d5d29bc098dce305a29a97d17f7-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-14 22:35:24.441 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 22:35:24.534 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-14 23:46:31.534 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-14 23:46:31.597 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 00:48:46.146 [221731] info client.cpp::callSync []
2026-06-15 00:52:15.896 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-15 00:52:15.896 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-15 00:52:17.408 [221731] info client.cpp::syncExclusions Updated exclusions: 19c77cdb17a8f9407c82aa92300f1060
2026-06-15 00:52:17.408 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 19c77cdb17a8f9407c82aa92300f1060
2026-06-15 00:52:17.408 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-15 00:52:17.411 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-15 00:52:17.413 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 00:52:17.751 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 01:02:18.015 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 01:02:20.115 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 01:12:41.888 [221731] info client.cpp::callSync []
2026-06-15 01:12:56.426 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-15 01:12:56.426 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-15 01:12:57.438 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 01:12:57.497 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 03:11:46.512 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 03:11:46.571 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 04:58:52.574 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 04:58:52.640 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 06:11:10.785 [221731] info client.cpp::callSync []
2026-06-15 06:11:42.879 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-15 06:11:42.879 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-15 06:11:43.891 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 06:12:42.156 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 07:21:11.232 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 07:21:11.303 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 09:09:11.304 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 09:09:11.374 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 10:23:53.375 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 10:23:53.441 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 12:23:36.454 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 12:23:36.519 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 14:05:18.520 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 14:05:18.590 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 14:39:17.961 [221731] info client.cpp::registerRefresh nebula client refresh success
2026-06-15 14:39:17.962 [221731] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.ars
2026-06-15 14:39:17.962 [221731] info plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-06-15 14:39:17.985 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 14:39:18.052 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 15:20:18.912 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-15 15:20:19.777 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-15 15:20:19.777 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-15 15:20:19.778 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-15 15:20:20.794 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "ac7b6e7021bdb61bab64db2bede1a898-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-15 15:20:20.795 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-15 15:20:20.795 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-15 15:20:20.885 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781551220
2026-06-15 15:20:20.885 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781551220
2026-06-15 15:20:20.885 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-15 15:20:20.895 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-15 16:30:54.258 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 16:30:54.328 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 18:06:19.345 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 18:06:19.410 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 19:08:26.423 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 19:08:26.486 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 20:42:56.488 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 20:42:56.552 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 21:49:32.553 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 21:49:32.620 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-15 21:53:40.215 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-15 21:53:45.577 [221729] info sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-06-15 21:53:45.577 [221729] info update.cpp::launchAgentUpdate No agent updates available
2026-06-15 21:53:45.577 [221729] info on_timer.cpp::update No agent updates available
2026-06-15 21:53:45.577 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-15 21:53:45.738 [221729] info sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-06-15 21:53:45.738 [221729] info sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-06-15 21:53:46.146 [221729] info sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-06-15 21:53:46.241 [221729] info sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.110998
2026-06-15 21:53:47.471 [221729] info sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.110998
2026-06-15 21:53:47.471 [221729] info sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.110998
2026-06-15 21:53:47.585 [221729] info IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-06-15 21:53:47.826 [221729] info IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-06-15 21:53:47.826 [221729] info sirius.cpp::downloadUpdates checking for new updates
2026-06-15 21:53:47.988 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.ars does not need updating
2026-06-15 21:53:47.988 [221729] info sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-06-15 21:53:47.989 [221729] info command_history.cpp::Cleanup Performing command history cleanup
2026-06-15 23:42:02.622 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-15 23:42:02.694 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 01:09:20.695 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 01:09:20.764 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 02:02:01.255 [221731] info on_nebula.cpp::handle Performing threat scan
2026-06-16 04:22:50.667 [221731] info on_nebula.cpp::handle Scan complete, duration: 8449
2026-06-16 04:22:50.684 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-16 04:22:50.685 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 04:22:50.753 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 05:56:26.754 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 05:56:26.820 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 06:10:48.290 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-16 06:10:48.505 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-16 06:10:48.505 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-16 06:10:48.505 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-16 06:10:49.517 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "082c36d2c8318ed9fdd24fe9d0210929-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-16 06:10:49.518 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-16 06:10:49.518 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-16 06:10:49.612 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781604649
2026-06-16 06:10:49.612 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781604649
2026-06-16 06:10:49.612 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-16 06:10:49.614 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-16 06:12:25.616 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-16 06:12:25.755 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-16 06:12:25.755 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-16 06:12:25.755 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-16 06:12:26.767 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "6cce94327f9056e0e5cd9f84a7d97476-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-16 06:12:26.768 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-16 06:12:26.768 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-16 06:12:26.847 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781604746
2026-06-16 06:12:26.847 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781604746
2026-06-16 06:12:26.847 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-16 06:12:26.848 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-16 06:19:25.628 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-16 06:19:25.774 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-16 06:19:25.774 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-16 06:19:25.774 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-16 06:19:27.421 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "a6b5609899ff32e779057ede4100d40b-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-16 06:19:27.421 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-16 06:19:27.422 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-16 06:19:27.507 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781605167
2026-06-16 06:19:27.507 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781605167
2026-06-16 06:19:27.507 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-16 06:19:27.519 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-16 06:42:25.854 [221731] info client.cpp::sync Command received : event.policy.refresh
2026-06-16 06:42:26.006 [221731] info asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-16 06:42:26.006 [221731] info client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-06-16 06:42:26.006 [221731] info on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-06-16 06:42:28.576 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "d8e2a5e156f7a37f78ccaff1474dfe0f-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-16 06:42:28.577 [221731] info client.cpp::sync Command received : event.exclusion.refresh
2026-06-16 06:42:28.577 [221731] info client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-06-16 06:42:28.654 [221731] info client.cpp::syncExclusions Updated exclusions: nebula-1781606548
2026-06-16 06:42:28.654 [221731] info on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1781606548
2026-06-16 06:42:28.654 [221731] info exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-06-16 06:42:28.659 [221731] info exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-06-16 07:01:00.970 [221731] info DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-06-16 07:01:00.970 [221731] info asset_mgmt.cpp::collectData Collecting asset information
2026-06-16 07:01:00.970 [221731] info asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-06-16 07:01:00.970 [221731] info asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-06-16 07:01:00.970 [221731] info asset_mgmt.cpp::collectMemory Collecting memory information
2026-06-16 07:01:00.970 [221731] info asset_mgmt.cpp::collectDrives Collecting drive information
2026-06-16 07:01:12.094 [221731] info asset_mgmt.cpp::collectStartups Collecting startups information
2026-06-16 07:01:13.107 [221731] info asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-06-16 07:01:21.539 [221731] info client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 362737807360, \"freespace_total\": 362737807360, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 837558272, \"freespace_total\": 837558272, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716419973120, \"freespace_total\": 716419973120, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}], \"engine_version\": \"1.1.91\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4422365184, \"free_virtual\": 6575169536, \"total_physical\": 65940365312, \"total_virtual\": 8589930496}, \"nics\"
2026-06-16 07:01:21.635 [221731] info schedule_store.cpp::save Saved nebula schedules
2026-06-16 07:01:21.636 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 07:01:21.701 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 08:43:04.714 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 08:43:04.785 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 09:50:34.786 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 09:50:34.857 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 10:14:35.050 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "d8e2a5e156f7a37f78ccaff1474dfe0f-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-16 10:14:39.337 [221731] info client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.91", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.15", "product_name": "Linux Active Response Shell", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.0.115", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.91", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202605061706"}], "policy_etag": "d8e2a5e156f7a37f78ccaff1474dfe0f-f23a3ded:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:79", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-06-16 10:15:08.781 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 10:15:08.848 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established
2026-06-16 12:07:38.859 [221731] info web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-06-16 12:07:38.930 [221731] info web_socket.cpp::connectIfNeeded WebSocket connection established