-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy path218007301253_CloudTrail_us-east-1_20230710T1225Z_QqgbBkK0L13H8Wbv.json
1 lines (1 loc) · 3.36 KB
/
218007301253_CloudTrail_us-east-1_20230710T1225Z_QqgbBkK0L13H8Wbv.json
1
{"Records":[{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5U6Q3TMDR","arn":"arn:aws:iam::123837392027:user/benjamin","accountId":"123837392027","accessKeyId":"ASIATFQR7NSCQFOJ33UA","userName":"benjamin","sessionContext":{"sessionIssuer":{},"webIdFederationData":{},"attributes":{"creationDate":"2023-07-10T11:42:31Z","mfaAuthenticated":"true"}},"invokedBy":"health.amazonaws.com"},"eventTime":"2023-07-10T12:17:46Z","eventSource":"health.amazonaws.com","eventName":"DescribeEventAggregates","awsRegion":"us-east-1","sourceIPAddress":"health.amazonaws.com","userAgent":"AWS Internal","requestParameters":{"filter":{"startTimes":[{"from":"Jul 3, 2023, 12:17:45 PM"}],"eventStatusCodes":["open","upcoming"]},"aggregateField":"eventTypeCategory"},"responseElements":null,"requestID":"6f8ca0c3-974f-4b0a-a870-110717ff647c","eventID":"439025ee-1420-41d7-b262-a54ceca7d349","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","sessionCredentialFromConsole":"true"},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:20:20Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBSnapshots","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"dBSnapshotIdentifier":"exfiltration","includeShared":false,"includePublic":false},"responseElements":null,"requestID":"e37b6bc7-3d9d-4740-9f24-c2896eed816b","eventID":"3a53af9f-5ef7-49d3-866d-8ada572e1faf","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}},{"eventVersion":"1.08","userIdentity":{"type":"IAMUser","principalId":"AIDATFQR7NSC5AU2ZV3IE","arn":"arn:aws:iam::123837392027:user/bert-jan","accountId":"123837392027","accessKeyId":"AKIATFQR7NSC8Q4X20BJ","userName":"bert-jan"},"eventTime":"2023-07-10T12:20:51Z","eventSource":"rds.amazonaws.com","eventName":"DescribeDBSnapshots","awsRegion":"us-east-1","sourceIPAddress":"192.168.10.20","userAgent":"APN/1.0 HashiCorp/1.0 Terraform/1.1.2 (+https://www.terraform.io) terraform-provider-aws/3.76.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.44.157 (go1.19.3; linux; amd64) stratus-red-team_06a62bf9-ef89-43a1-a17b-5234dcbf4cb4 HashiCorp-terraform-exec/0.17.3","requestParameters":{"includePublic":false,"dBSnapshotIdentifier":"exfiltration","includeShared":false},"responseElements":null,"requestID":"d9519f52-d8a1-4f4a-a9f9-2dec7239c4a4","eventID":"2e83fa88-ad29-4421-a668-cc57c7b00107","readOnly":true,"eventType":"AwsApiCall","managementEvent":true,"recipientAccountId":"123837392027","eventCategory":"Management","tlsDetails":{"tlsVersion":"TLSv1.2","cipherSuite":"ECDHE-RSA-AES128-GCM-SHA256","clientProvidedHostHeader":"rds.us-east-1.amazonaws.com"}}]}