root@ubuntu32:~# tail -f -n 20 /var/log/syslog
Nov 7 19:35:54 ubuntu32 dhclient: DHCPREQUEST of 192.168.137.19 on eth0 to 192.168.137.254 port 67
Nov 7 19:35:54 ubuntu32 dhclient: DHCPACK of 192.168.137.19 from 192.168.137.254
Nov 7 19:35:54 ubuntu32 dhclient: bound to 192.168.137.19 -- renewal in 705 seconds.
Nov 7 19:39:01 ubuntu32 CRON[10085]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) -delete)
Nov 7 19:47:39 ubuntu32 dhclient: DHCPREQUEST of 192.168.137.19 on eth0 to 192.168.137.254 port 67
Nov 7 19:47:39 ubuntu32 dhclient: DHCPACK of 192.168.137.19 from 192.168.137.254
Nov 7 19:47:39 ubuntu32 dhclient: bound to 192.168.137.19 -- renewal in 807 seconds.
Nov 7 20:01:06 ubuntu32 dhclient: DHCPREQUEST of 192.168.137.19 on eth0 to 192.168.137.254 port 67
Nov 7 20:01:06 ubuntu32 dhclient: DHCPACK of 192.168.137.19 from 192.168.137.254
Nov 7 20:01:06 ubuntu32 dhclient: bound to 192.168.137.19 -- renewal in 864 seconds.
Nov 7 20:09:01 ubuntu32 CRON[10098]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) -delete)
Nov 7 20:15:30 ubuntu32 dhclient: DHCPREQUEST of 192.168.137.19 on eth0 to 192.168.137.254 port 67
Nov 7 20:15:30 ubuntu32 dhclient: DHCPACK of 192.168.137.19 from 192.168.137.254
Nov 7 20:15:30 ubuntu32 dhclient: bound to 192.168.137.19 -- renewal in 884 seconds.
Nov 7 20:17:01 ubuntu32 CRON[10107]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Nov 7 20:26:11 ubuntu32 kernel: [ 4620.563329] device eth0 entered promiscuous mode
Nov 7 20:30:14 ubuntu32 dhclient: DHCPREQUEST of 192.168.137.19 on eth0 to 192.168.137.254 port 67
Nov 7 20:30:14 ubuntu32 dhclient: DHCPACK of 192.168.137.19 from 192.168.137.254
Nov 7 20:30:14 ubuntu32 dhclient: bound to 192.168.137.19 -- renewal in 819 seconds.
Nov 7 20:36:06 ubuntu32 kernel: [ 5215.310579] device eth0 left promiscuous mode
Nov 7 20:36:42 ubuntu32 kernel: [ 5251.012575] device eth0 entered promiscuous mode
Nov 7 20:39:01 ubuntu32 CRON[10248]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) -delete)
Nov 7 20:41:51 ubuntu32 kernel: [ 5560.031586] device eth0 left promiscuous mode
Nov 7 20:42:11 ubuntu32 kernel: [ 5579.997977] device eth0 entered promiscuous mode
Nov 7 20:42:12 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {UDP} fe80:0000:0000:0000:b9a9:96b9:7700:13c3:54426 -> ff02:0000:0000:0000:0000:0000:0000:000c:1900
Nov 7 20:42:34 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.55:443 -> 192.168.137.19:41421
Nov 7 20:42:34 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:41421 -> 173.194.32.55:443
Nov 7 20:42:37 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.19:48467 -> 192.168.137.1:53
Nov 7 20:42:37 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.1:53 -> 192.168.137.19:48467
Nov 7 20:42:37 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {ICMP} 192.168.137.19:8 -> 87.248.112.181:0
Nov 7 20:42:38 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {ICMP} 192.168.137.19:8 -> 87.248.112.181:0
Nov 7 20:42:38 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {ICMP} 87.248.112.181:0 -> 192.168.137.19:0
Nov 7 20:42:38 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.19:38971 -> 192.168.137.1:53
Nov 7 20:42:38 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.1:53 -> 192.168.137.19:38971
Nov 7 20:42:39 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {ICMP} 192.168.137.19:8 -> 87.248.112.181:0
Nov 7 20:42:58 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56748 -> 173.194.32.55:443
Nov 7 20:42:58 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56748 -> 173.194.32.55:443
Nov 7 20:42:59 ubuntu32 suricata[10280]: [1:8888888:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.55:443 -> 192.168.137.19:56748
Nov 7 20:43:41 ubuntu32 kernel: [ 5669.621556] device eth0 left promiscuous mode
Nov 7 20:43:44 ubuntu32 kernel: [ 5672.104844] device eth0 entered promiscuous mode
Nov 7 20:43:47 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.55:443 -> 192.168.137.19:41421
Nov 7 20:43:47 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:41421 -> 173.194.32.55:443
Nov 7 20:43:53 ubuntu32 dhclient: DHCPREQUEST of 192.168.137.19 on eth0 to 192.168.137.254 port 67
Nov 7 20:43:53 ubuntu32 dhclient: DHCPACK of 192.168.137.19 from 192.168.137.254
Nov 7 20:43:53 ubuntu32 dhclient: bound to 192.168.137.19 -- renewal in 737 seconds.
Nov 7 20:43:58 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56748 -> 173.194.32.55:443
Nov 7 20:43:58 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56748 -> 173.194.32.55:443
Nov 7 20:43:59 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.55:443 -> 192.168.137.19:56748
Nov 7 20:43:59 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:37028 -> 184.154.5.82:80
Nov 7 20:43:59 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 184.154.5.82:80 -> 192.168.137.19:37028
Nov 7 20:44:00 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:57955 -> 80.237.210.72:80
Nov 7 20:44:00 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:57955
Nov 7 20:44:00 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:57956 -> 80.237.210.72:80
Nov 7 20:44:00 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:57956
Nov 7 20:44:00 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:57957 -> 80.237.210.72:80
Nov 7 20:44:00 ubuntu32 suricata[10294]: [1:8888889:1] Test IP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:57957
Nov 7 20:44:27 ubuntu32 kernel: [ 5714.956474] device eth0 left promiscuous mode
Nov 7 20:44:32 ubuntu32 kernel: [ 5719.996509] device eth0 entered promiscuous mode
Nov 7 20:44:32 ubuntu32 suricata[10309]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56461 -> 80.237.210.72:80
Nov 7 20:44:32 ubuntu32 suricata[10309]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56461
Nov 7 20:44:51 ubuntu32 kernel: [ 5739.877067] device eth0 left promiscuous mode
Nov 7 20:45:25 ubuntu32 kernel: [ 5773.028352] device eth0 entered promiscuous mode
Nov 7 20:45:28 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} fe80:0000:0000:0000:b9a9:96b9:7700:13c3:54426 -> ff02:0000:0000:0000:0000:0000:0000:000c:1900
Nov 7 20:45:32 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56463 -> 80.237.210.72:80
Nov 7 20:45:32 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56463
Nov 7 20:45:37 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.19:47259 -> 192.168.137.1:53
Nov 7 20:45:37 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.1:53 -> 192.168.137.19:47259
Nov 7 20:45:37 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.19:39824 -> 192.168.137.1:53
Nov 7 20:45:38 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.1:53 -> 192.168.137.19:39824
Nov 7 20:45:38 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.19:38805 -> 192.168.137.1:53
Nov 7 20:45:39 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.1:53 -> 192.168.137.19:38805
Nov 7 20:45:47 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.55:443 -> 192.168.137.19:56748
Nov 7 20:45:47 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56748 -> 173.194.32.55:443
Nov 7 20:45:47 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.55:443 -> 192.168.137.19:56748
Nov 7 20:45:47 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56748 -> 173.194.32.55:443
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56464 -> 80.237.210.72:80
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56464
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.19:39373 -> 192.168.137.1:53
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888890:1] Test UDP syslog output [Classification: (null)] [Priority: 3] {UDP} 192.168.137.1:53 -> 192.168.137.19:39373
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:59559 -> 173.194.32.53:443
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 173.194.32.53:443 -> 192.168.137.19:59559
Nov 7 20:46:02 ubuntu32 suricata[10320]: [1:8888889:1] Test TCP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:59559 -> 173.194.32.53:443
Nov 7 20:46:03 ubuntu32 kernel: [ 5811.029932] device eth0 left promiscuous mode
Nov 7 20:46:50 ubuntu32 kernel: [ 5858.677514] device eth0 entered promiscuous mode
Nov 7 20:47:02 ubuntu32 suricata[10334]: [1:8888891:1] Test HTTP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56467
Nov 7 20:47:02 ubuntu32 suricata[10334]: [1:8888891:1] Test HTTP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56467
Nov 7 20:47:02 ubuntu32 suricata[10334]: [1:8888891:1] Test HTTP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56467 -> 80.237.210.72:80
Nov 7 20:47:02 ubuntu32 suricata[10334]: [1:8888891:1] Test HTTP syslog output [Classification: (null)] [Priority: 3] {TCP} 192.168.137.19:56467 -> 80.237.210.72:80
Nov 7 20:47:02 ubuntu32 suricata[10334]: [1:8888891:1] Test HTTP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56467
Nov 7 20:47:02 ubuntu32 suricata[10334]: [1:8888891:1] Test HTTP syslog output [Classification: (null)] [Priority: 3] {TCP} 80.237.210.72:80 -> 192.168.137.19:56467
Nov 7 20:47:07 ubuntu32 kernel: [ 5875.365267] device eth0 left promiscuous mode