LeakIX - Host 213.238.34.162

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e51f679d926

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1734829108
[processes]
(root,1724,924,0.0/121-17:29:45,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/121-17:29:50,12517) /lib/inet/ipmgmtd
(fpm,303424,3144,0.0/19:16:54,8928) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(haproxy,28752,18080,0.0/17-15:21:33,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,1316760,1307948,0.0/121-17:29:40,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/121-17:29:53,11679) zsched
(root,2788,1576,0.0/121-17:29:52,11791) /sbin/init
(root,10192,8684,0.0/121-17:29:52,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/121-17:29:52,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/121-17:29:49,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/121-17:29:45,14647) /usr/sbin/cron
(root,39448,33972,0.0/121-17:29:48,13380) /usr/sbin/nscd
(root,2380,1188,0.0/121-17:29:45,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/121-17:29:45,14635) /usr/sbin/auditd
(root,2228,1120,0.0/121-17:29:45,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/121-17:29:45,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/121-17:29:45,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/121-17:29:45,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/121-17:29:45,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,9080,5600,0.0/121-17:29:44,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/121-17:29:44,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/121-17:29:43,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/121-17:29:43,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/121-17:29:37,17256) /sbin/dhcpagent
(root,2860,728,0.0/121-17:29:36,17494) /usr/lib/inet/in.ndpd
(root,1688,1204,0.0/00:00,3701) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,265660,5564,0.0/19:16:54,8917) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3888,2612,0.0/00:01,3547) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11272,5156,0.0/01:27:01,72176) pickup -l -t unix -u
(root,5532,2356,0.0/00:00,3700) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(root,3916,2244,0.0/00:00,3651) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3916,1096,0.0/00:00,3699) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3888,1352,0.0/00:00,3652) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3632,0.0/19:16:54,8922) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,268852,45704,0.0/04:53:57,94546) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11428,4144,0.0/19:58:25,56894) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3464,0.0/19:16:54,8923) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268852,46184,0.0/05:36:06,33395) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13552,6056,0.0/19:58:25,56903) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3436,0.0/19:16:54,8924) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12328,5036,0.0/19:58:25,56898) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3436,0.0/19:16:54,8925) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3192,0.0/19:16:54,8927) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,1688,1032,0.0/00:00,3653) cat
(www,12568,5316,0.0/19:58:25,56900) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268404,33720,0.0/05:47:06,65826) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268404,32460,0.0/05:58:05,97472) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,538764,446748,0.0/19:16:53,8952) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303428,3440,0.0/19:16:54,8926) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,14088,6328,0.0/19:54:05,87098) /opt/local/sbin/httpd -k start

Found on 2024-12-22 00:58

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e51803fa9e4

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1734654632
[processes]
(root,1724,924,0.0/119-17:01:49,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/119-17:01:55,12517) /lib/inet/ipmgmtd
(www,12328,5016,0.0/19:30:29,65556) /opt/local/sbin/httpd -k start
(haproxy,28752,18076,0.0/15-14:53:37,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,1316760,1307948,0.0/119-17:01:45,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/119-17:01:57,11679) zsched
(root,2788,1576,0.0/119-17:01:57,11791) /sbin/init
(root,10192,8684,0.0/119-17:01:56,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/119-17:01:56,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/119-17:01:53,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/119-17:01:49,14647) /usr/sbin/cron
(root,39448,33940,0.0/119-17:01:52,13380) /usr/sbin/nscd
(root,2380,1188,0.0/119-17:01:49,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/119-17:01:49,14635) /usr/sbin/auditd
(root,2228,1120,0.0/119-17:01:49,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/119-17:01:49,14746) /usr/lib/inet/inetd start
(fpm,303424,3192,0.0/18:48:56,12841) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2016,1048,0.0/119-17:01:49,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/119-17:01:49,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/119-17:01:49,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,9016,5584,0.0/119-17:01:49,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/119-17:01:49,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/119-17:01:47,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/119-17:01:47,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/119-17:01:42,17256) /sbin/dhcpagent
(root,2860,728,0.0/119-17:01:41,17494) /usr/lib/inet/in.ndpd
(www,12684,5360,0.0/19:30:29,65562) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268724,41188,0.0/18:48:56,12830) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:48:56,12838) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3440,0.0/18:48:56,12840) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11272,5212,0.0/01:19:08,72670) pickup -l -t unix -u
(www,12568,5284,0.0/19:30:29,65561) /opt/local/sbin/httpd -k start
(root,11428,4128,0.0/19:30:29,65552) /opt/local/sbin/httpd -k start
(fpm,303424,3144,0.0/18:48:56,12842) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(mysql,531864,441528,0.0/18:48:55,12847) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,269436,52136,0.0/18:48:56,12827) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268852,57372,0.0/18:48:56,12831) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1032,0.0/00:00,59556) cat
(root,3916,1096,0.0/00:00,59642) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:48:56,12839) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3888,1352,0.0/00:00,59555) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3916,2244,0.0/00:00,59554) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3632,0.0/18:48:56,12836) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,265660,5572,0.0/18:48:56,12826) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,14012,6328,0.0/19:24:09,3725) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268660,49876,0.0/18:48:56,12828) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,59644) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303428,3464,0.0/18:48:56,12837) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3888,2600,0.0/00:01,59496) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,5532,2356,0.0/00:00,59643) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(root,7448,4476,0.0/06:09,22851) /usr/lib/ssh/sshd -R
(root,7448,4476,0.0/01:36,49125) /usr/lib/ssh/sshd -R

Found on 2024-12-20 00:30

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e513c01de7f

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1734486228
[processes]
(root,1724,924,0.0/117-18:15:05,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/117-18:15:11,12517) /lib/inet/ipmgmtd
(haproxy,28752,18076,0.0/13-16:06:54,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,1316760,1307944,0.0/117-18:15:01,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/117-18:15:14,11679) zsched
(root,2788,1576,0.0/117-18:15:13,11791) /sbin/init
(root,10192,8684,0.0/117-18:15:13,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/117-18:15:13,11918) /lib/svc/bin/svc.startd
(fpm,303424,3160,0.0/20:02:13,79981) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2632,1748,0.0/117-18:15:09,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/117-18:15:06,14647) /usr/sbin/cron
(root,39448,33792,0.0/117-18:15:09,13380) /usr/sbin/nscd
(root,2380,1188,0.0/117-18:15:05,14747) /usr/lib/saf/ttymon
(postfix,11272,5156,0.0/01:12:25,4193) pickup -l -t unix -u
(root,3368,2380,0.0/117-18:15:06,14635) /usr/sbin/auditd
(root,2228,1120,0.0/117-18:15:06,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/117-18:15:05,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/117-18:15:05,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/117-18:15:05,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/117-18:15:05,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,9016,5576,0.0/117-18:15:05,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/117-18:15:05,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/117-18:15:04,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/117-18:15:04,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/117-18:14:58,17256) /sbin/dhcpagent
(root,303436,3652,0.0/20:02:13,79975) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2860,728,0.0/117-18:14:57,17494) /usr/lib/inet/in.ndpd
(root,11428,4132,0.0/20:43:46,25081) /opt/local/sbin/httpd -k start
(www,12328,5052,0.0/20:43:46,25083) /opt/local/sbin/httpd -k start
(fpm,303424,3208,0.0/20:02:13,79980) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,265660,5596,0.0/20:02:13,79969) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,5532,2356,0.0/00:00,54524) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(daemon,7584,1648,0.0/08:25,2716) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268564,45152,0.0/11:10:37,36063) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3452,0.0/20:02:13,79978) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3456,0.0/20:02:13,79979) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3916,2232,0.0/00:00,54475) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1688,1032,0.0/00:00,54477) cat
(php_dev.elementare-vielfalt.de,268500,33972,0.0/11:21:37,65232) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,14452,6752,0.0/20:39:24,53687) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268500,32244,0.0/11:19:24,81711) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,540560,448652,0.0/20:02:12,79985) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,12884,5500,0.0/20:43:46,25084) /opt/local/sbin/httpd -k start
(root,7448,4476,0.0/04:46,25724) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268628,52460,0.0/11:08:24,50394) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,54525) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303428,3452,0.0/20:02:13,79977) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7576,4636,0.0/08:26,2713) /usr/lib/ssh/sshd -R
(root,3916,1084,0.0/00:00,54523) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3888,2576,0.0/00:01,54432) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3888,1312,0.0/00:00,54476) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,14188,6456,0.0/20:43:46,25085) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3480,0.0/20:02:13,79976) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2024-12-18 01:43

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e51a8514d1a

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1734306625
[processes]
(root,1724,924,0.0/115-16:21:43,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/115-16:21:48,12517) /lib/inet/ipmgmtd
(www,12332,5100,0.0/18:50:23,60924) /opt/local/sbin/httpd -k start
(haproxy,28752,18076,0.0/11-14:13:31,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,1316760,1307944,0.0/115-16:21:38,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/115-16:21:51,11679) zsched
(root,2788,1576,0.0/115-16:21:50,11791) /sbin/init
(root,10192,8684,0.0/115-16:21:50,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/115-16:21:50,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/115-16:21:46,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/115-16:21:43,14647) /usr/sbin/cron
(root,38932,33776,0.0/115-16:21:46,13380) /usr/sbin/nscd
(root,2380,1188,0.0/115-16:21:43,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/115-16:21:43,14635) /usr/sbin/auditd
(root,2228,1120,0.0/115-16:21:43,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/115-16:21:43,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/115-16:21:42,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/115-16:21:42,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/115-16:21:42,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,9016,5564,0.0/115-16:21:42,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/115-16:21:42,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/115-16:21:41,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/115-16:21:41,15458) /opt/local/libexec/postfix/master -w
(root,3916,2244,0.0/00:00,72643) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2476,1136,0.0/115-16:21:35,17256) /sbin/dhcpagent
(root,2860,728,0.0/115-16:21:34,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,268468,34996,0.0/05:19:00,15541) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,5532,2356,0.0/00:00,72769) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(root,7448,4476,0.0/09:57,12291) /usr/lib/ssh/sshd -R
(root,3916,1096,0.0/00:00,72766) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7448,4476,0.0/04:03,46762) /usr/lib/ssh/sshd -R
(root,3888,1352,0.0/00:00,72644) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303428,3464,0.0/18:08:46,16360) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12888,5512,0.0/18:50:23,60925) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268468,32924,0.0/05:38:14,94642) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:08:46,16363) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3144,0.0/18:08:46,16366) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,13140,5688,0.0/18:50:23,60926) /opt/local/sbin/httpd -k start
(root,7448,4476,0.0/05:12,39365) /usr/lib/ssh/sshd -R
(fpm,303424,3192,0.0/18:08:46,16364) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,265660,5556,0.0/18:08:47,16351) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,72770) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,268468,32924,0.0/05:27:15,64184) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1032,0.0/00:00,72649) cat
(root,303436,3632,0.0/18:08:46,16359) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(postfix,11272,5156,0.0/01:19:05,86511) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,268404,32932,0.0/05:16:31,31715) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11428,4128,0.0/18:50:23,60923) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:08:46,16361) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:08:46,16362) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4476,0.0/00:24,69188) /usr/lib/ssh/sshd -R
(root,3888,2612,0.0/00:01,72484) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,14392,6692,0.0/18:50:00,64684) /opt/local/sbin/httpd -k start
(mysql,536284,444740,0.0/18:08:45,16467) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log

Found on 2024-12-15 23:50

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e519de70005

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1734134648
[processes]
(root,1724,924,0.0/113-16:35:25,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/113-16:35:30,12517) /lib/inet/ipmgmtd
(root,7448,4476,0.0/02:23,80299) /usr/lib/ssh/sshd -R
(haproxy,28752,18076,0.0/9-14:27:13,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,1316760,1307944,0.0/113-16:35:20,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/113-16:35:33,11679) zsched
(root,2788,1576,0.0/113-16:35:32,11791) /sbin/init
(root,10192,8684,0.0/113-16:35:32,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/113-16:35:32,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/113-16:35:29,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/113-16:35:25,14647) /usr/sbin/cron
(root,38932,33744,0.0/113-16:35:28,13380) /usr/sbin/nscd
(root,2380,1188,0.0/113-16:35:25,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/113-16:35:25,14635) /usr/sbin/auditd
(root,2228,1120,0.0/113-16:35:25,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/113-16:35:25,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/113-16:35:25,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/113-16:35:25,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/113-16:35:25,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,9016,5552,0.0/113-16:35:24,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/113-16:35:24,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/113-16:35:23,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/113-16:35:23,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/113-16:35:17,17256) /sbin/dhcpagent
(root,7448,4476,0.0/03:43,71351) /usr/lib/ssh/sshd -R
(root,2860,728,0.0/113-16:35:16,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,268404,32416,0.0/04:54:57,5009) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303436,3652,0.0/18:22:36,13921) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,11428,4128,0.0/19:04:05,63800) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3452,0.0/18:22:36,13924) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3916,1096,0.0/00:00,95047) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(mysql,538088,444972,0.0/18:22:35,14021) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7448,4476,0.0/09:58,32373) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,303428,3480,0.0/18:22:36,13922) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11272,5156,0.0/12:48,14734) pickup -l -t unix -u
(root,1688,1204,0.0/00:00,95049) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(www,12328,5048,0.0/19:04:05,63801) /opt/local/sbin/httpd -k start
(daemon,7584,1676,0.0/07:21,48107) /usr/lib/ssh/sshd -R
(root,7448,4476,0.0/04:53,62828) /usr/lib/ssh/sshd -R
(root,5532,2356,0.0/00:00,95048) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(fpm,303424,3208,0.0/18:22:36,13926) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3456,0.0/18:22:36,13925) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268404,32412,0.0/05:27:57,2435) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,14192,6500,0.0/18:56:56,7761) /opt/local/sbin/httpd -k start
(root,1688,1032,0.0/00:00,95003) cat
(php_dev.elementare-vielfalt.de,268404,32416,0.0/05:38:43,39194) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268404,32416,0.0/05:27:43,4967) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7576,4648,0.0/07:21,48106) /usr/lib/ssh/sshd -R
(root,3888,2600,0.0/00:01,94954) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3888,1352,0.0/00:00,95002) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(daemon,7584,1676,0.0/05:07,62131) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,303428,3452,0.0/18:22:36,13923) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3916,2244,0.0/00:00,95001) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303424,3160,0.0/18:22:36,13927) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12420,5116,0.0/19:04:05,63802) /opt/local/sbin/httpd -k start
(root,265660,5564,0.0/18:22:36,13897) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13592,6016,0.0/19:04:05,63803) /opt/local/sbin/httpd -k start
(root,7576,4648,0.0/05:08,62039) /usr/lib/ssh/sshd -R

Found on 2024-12-14 00:04

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e51ea842fc8

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1733965008
[processes]
(root,7448,4476,0.0/08:38,85) /usr/lib/ssh/sshd -R
(root,1724,924,0.0/111-17:28:05,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/111-17:28:11,12517) /lib/inet/ipmgmtd
(root,7448,4476,0.0/03:02,35025) /usr/lib/ssh/sshd -R
(haproxy,28752,18076,0.0/7-15:19:54,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,1316760,1307940,0.0/111-17:28:01,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/111-17:28:13,11679) zsched
(root,2788,1576,0.0/111-17:28:13,11791) /sbin/init
(root,10192,8684,0.0/111-17:28:13,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/111-17:28:13,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/111-17:28:09,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/111-17:28:06,14647) /usr/sbin/cron
(root,38932,33716,0.0/111-17:28:08,13380) /usr/sbin/nscd
(root,2380,1188,0.0/111-17:28:05,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/111-17:28:06,14635) /usr/sbin/auditd
(root,7448,4476,0.0/08:53,99521) /usr/lib/ssh/sshd -R
(root,2228,1120,0.0/111-17:28:05,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/111-17:28:05,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/111-17:28:05,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/111-17:28:05,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/111-17:28:05,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,9016,5544,0.0/111-17:28:05,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/111-17:28:05,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/111-17:28:04,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/111-17:28:04,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/111-17:27:58,17256) /sbin/dhcpagent
(root,2860,728,0.0/111-17:27:57,17494) /usr/lib/inet/in.ndpd
(www,14204,6480,0.0/19:53:37,39982) /opt/local/sbin/httpd -k start
(postfix,11272,5156,0.0/01:25:29,28717) pickup -l -t unix -u
(root,3888,1360,0.0/00:00,51432) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7448,4476,0.0/07:17,8802) /usr/lib/ssh/sshd -R
(root,7448,4476,0.0/01:04,45875) /usr/lib/ssh/sshd -R
(root,11428,4132,0.0/19:56:45,16358) /opt/local/sbin/httpd -k start
(root,1688,1204,0.0/00:00,51479) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,7448,4476,0.0/06:35,10918) /usr/lib/ssh/sshd -R
(root,7448,4476,0.0/07:58,4679) /usr/lib/ssh/sshd -R
(root,3888,2632,0.0/00:01,51388) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303428,3464,0.0/19:15:13,72322) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3632,0.0/19:15:13,72319) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(fpm,303424,3192,0.0/19:15:13,72328) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3440,0.0/19:15:13,72327) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,265660,5588,0.0/19:15:13,72308) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268532,32296,0.0/07:07:23,35795) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,535708,444036,0.0/19:15:11,72605) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,12544,5200,0.0/19:56:45,16359) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3436,0.0/19:15:13,72325) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3916,2276,0.0/00:00,51431) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3916,1124,0.0/00:00,51477) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268532,32308,0.0/07:05:58,43104) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7448,4476,0.0/04:25,26318) /usr/lib/ssh/sshd -R
(www,13736,6132,0.0/19:56:45,16361) /opt/local/sbin/httpd -k start
(root,5532,2356,0.0/00:00,51478) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(php_dev.elementare-vielfalt.de,303428,3436,0.0/19:15:13,72323) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4476,0.0/02:20,39029) /usr/lib/ssh/sshd -R
(fpm,303424,3144,0.0/19:15:13,72330) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,268532,32304,0.0/07:11:37,7798) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13004,5636,0.0/19:56:45,16360) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268532,32296,0.0/07:17:10,76044) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1032,0.0/00:00,51433) cat

Found on 2024-12-12 00:56

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e515879eb1e

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1733792498
[processes]
(root,1724,924,0.0/109-17:32:55,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/109-17:33:01,12517) /lib/inet/ipmgmtd
(php_dev.elementare-vielfalt.de,269020,48616,0.0/09:07:14,93827) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(haproxy,28752,17984,0.0/5-15:24:44,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,1316760,1307940,0.0/109-17:32:51,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/109-17:33:03,11679) zsched
(root,2788,1576,0.0/109-17:33:03,11791) /sbin/init
(root,10192,8684,0.0/109-17:33:03,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/109-17:33:03,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/109-17:32:59,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/109-17:32:56,14647) /usr/sbin/cron
(root,38932,33664,0.0/109-17:32:58,13380) /usr/sbin/nscd
(root,2380,1188,0.0/109-17:32:55,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/109-17:32:56,14635) /usr/sbin/auditd
(root,2228,1120,0.0/109-17:32:55,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/109-17:32:55,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/109-17:32:55,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/109-17:32:55,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/109-17:32:55,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5528,0.0/109-17:32:55,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/109-17:32:55,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/109-17:32:54,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/109-17:32:54,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/109-17:32:48,17256) /sbin/dhcpagent
(fpm,303424,3416,0.0/19:20:05,30913) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2860,728,0.0/109-17:32:47,17494) /usr/lib/inet/in.ndpd
(www,12328,5028,0.0/20:01:34,78481) /opt/local/sbin/httpd -k start
(root,265660,5852,0.0/19:20:05,30901) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7576,4772,0.0/00:10,50101) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,269048,53060,0.0/09:14:59,45236) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11428,4132,0.0/20:01:34,78479) /opt/local/sbin/httpd -k start
(root,5532,2356,0.0/00:00,51231) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(root,7448,4476,0.0/06:21,11026) /usr/lib/ssh/sshd -R
(root,10608,8328,2.2/01:38,40085) /opt/local/bin/gfind / ( -fstype 9P -o -fstype NFS -o -fstype afs -o -fstype autofs -o -fstype cifs -o -fstype coda -o -fstype devfs -o -fstype devpts -o -fstype ftpfs -o -fstype iso9660 -o -fstype mfs -o -fstype ncpfs -o -fstype nfs -o -fstype nfs4 -o -fstype proc -o -fstype shfs -o -fstype smbfs -o -fstype sysfs -o -type d -regex \(^/afs$\)\|\(^/amd$\)\|\(^/proc$\)\|\(^/sfs$\)\|\(^/tmp$\)\|\(^/usr/tmp$\)\|\(^/var/tmp$\) ) -prune -o -print 
(www,14600,6912,0.0/19:57:59,3137) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3704,0.0/19:20:05,30912) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3928,1096,0.0/00:00,51230) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,12792,5480,0.0/20:01:34,78482) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,269020,49016,0.0/09:06:07,176) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303424,3368,0.0/19:20:05,30914) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3888,2600,0.0/00:01,51131) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,5324,1584,0.0/01:38,40082) /bin/sh /opt/local/bin/updatedb
(root,3888,1352,0.0/00:00,51183) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1688,1204,0.0/00:00,51232) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,18636,13092,0.0/01:38,40083) /usr/bin/sort -f
(root,303436,3800,0.0/19:20:05,30908) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(daemon,7584,1840,0.0/00:09,50198) /usr/lib/ssh/sshd -R
(root,4848,2804,0.0/01:38,40084) /opt/local/libexec/gfrcode
(php_dev.elementare-vielfalt.de,303428,3704,0.0/19:20:05,30910) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3704,0.0/19:20:05,30911) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3732,0.0/19:20:05,30909) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1032,0.0/00:00,51184) cat
(mysql,549192,454752,0.0/19:20:04,31005) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,5324,3204,0.0/01:38,40057) /bin/sh /opt/local/bin/updatedb
(postfix,11272,5156,0.0/10:22,85594) pickup -l -t unix -u
(www,14220,6532,0.0/20:01:34,78483) /opt/local/sbin/httpd -k start
(root,7448,4476,0.0/05:13,18349) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268948,52808,0.0/08:09:59,45353) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3928,2256,0.0/00:00,51182) /usr/bin/bash /opt/check_mk/bin/check_mk_agent

Found on 2024-12-10 01:01

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e51d3ad4a6b

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1733618772
[processes]
(root,1724,924,0.0/107-17:17:29,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/107-17:17:34,12517) /lib/inet/ipmgmtd
(root,7448,4476,0.0/01:49,3671) /usr/lib/ssh/sshd -R
(mysql,532784,442152,0.0/19:04:37,11824) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(haproxy,28752,17984,0.0/3-15:09:17,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,3916,2232,0.0/00:00,13445) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1316760,1307932,0.0/107-17:17:25,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/107-17:17:37,11679) zsched
(root,2788,1576,0.0/107-17:17:36,11791) /sbin/init
(root,10192,8684,0.0/107-17:17:36,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/107-17:17:36,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/107-17:17:33,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/107-17:17:29,14647) /usr/sbin/cron
(root,38932,33628,0.0/107-17:17:32,13380) /usr/sbin/nscd
(root,2380,1188,0.0/107-17:17:29,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/107-17:17:29,14635) /usr/sbin/auditd
(root,2228,1120,0.0/107-17:17:29,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/107-17:17:29,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/107-17:17:29,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/107-17:17:29,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/107-17:17:29,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5520,0.0/107-17:17:29,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/107-17:17:29,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/107-17:17:27,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/107-17:17:27,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/107-17:17:21,17256) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303428,3760,0.0/19:04:38,11725) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2860,728,0.0/107-17:17:20,17494) /usr/lib/inet/in.ndpd
(fpm,303424,3396,0.0/19:04:38,11731) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3732,0.0/19:04:38,11728) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3820,0.0/19:04:38,11724) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3888,2576,0.0/00:01,13397) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268468,32068,0.0/56:33,67076) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7448,4476,0.0/07:45,68402) /usr/lib/ssh/sshd -R
(root,3888,1328,0.0/00:00,13446) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,265660,5892,0.0/19:04:38,11715) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7576,4656,0.0/05:15,81838) /usr/lib/ssh/sshd -R
(fpm,303424,3444,0.0/19:04:38,11729) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(daemon,7584,1676,0.0/05:14,81839) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268404,32080,0.0/45:33,35453) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13892,6224,0.0/19:45:11,64043) /opt/local/sbin/httpd -k start
(root,11428,4144,0.0/19:46:10,57461) /opt/local/sbin/httpd -k start
(root,7448,4476,0.0/09:42,54559) /usr/lib/ssh/sshd -R
(www,13896,6172,0.0/19:46:10,57466) /opt/local/sbin/httpd -k start
(root,5532,2356,0.0/00:00,13492) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(postfix,11272,5156,0.0/14:57,21894) pickup -l -t unix -u
(www,12556,5252,0.0/19:46:10,57465) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268468,32156,0.0/50:48,1295) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3732,0.0/19:04:38,11727) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4476,0.0/08:40,63311) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268468,31652,0.0/39:48,70224) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12328,5024,0.0/19:46:10,57464) /opt/local/sbin/httpd -k start
(root,1688,1204,0.0/00:00,13493) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,3916,1084,0.0/00:00,13491) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1688,1032,0.0/00:00,13447) cat
(php_dev.elementare-vielfalt.de,303428,3732,0.0/19:04:38,11726) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2024-12-08 00:46

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb68a87ac817dbabea14e41ad02fa48e5133e58b07

Found public CheckMk agent:
Version: 2.3.0p22
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: /opt/local/var/lib/check_mk_agent/spool
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local
OSType: unix
FailedPythonReason: 
SSHClient: 

Found process list through CheckMk:
[time]
1733443559
[processes]
(www,14904,7220,0.0/18:57:12,24245) /opt/local/sbin/httpd -k start
(root,1724,924,0.0/105-16:37:16,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/105-16:37:22,12517) /lib/inet/ipmgmtd
(haproxy,28752,16064,0.0/1-14:29:04,41928) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,1316760,1299720,0.0/105-16:37:12,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/105-16:37:24,11679) zsched
(root,2788,1576,0.0/105-16:37:24,11791) /sbin/init
(root,10192,8684,0.1/105-16:37:23,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/105-16:37:23,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/105-16:37:20,12945) /usr/lib/pfexecd
(www,13424,5928,0.0/19:05:56,72043) /opt/local/sbin/httpd -k start
(root,2132,1104,0.0/105-16:37:16,14647) /usr/sbin/cron
(root,38932,33596,0.0/105-16:37:19,13380) /usr/sbin/nscd
(root,2380,1188,0.0/105-16:37:16,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/105-16:37:16,14635) /usr/sbin/auditd
(root,2228,1120,0.0/105-16:37:16,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/105-16:37:16,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/105-16:37:16,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/105-16:37:16,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16588,0.0/105-16:37:16,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5512,0.0/105-16:37:16,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/105-16:37:16,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/105-16:37:14,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/105-16:37:14,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/105-16:37:09,17256) /sbin/dhcpagent
(root,265660,5588,0.0/18:24:19,5161) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,728,0.0/105-16:37:08,17494) /usr/lib/inet/in.ndpd
(root,3916,1084,0.0/00:00,75693) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3888,2576,0.0/00:01,75597) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(mysql,536844,445520,0.0/18:24:17,5334) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,12792,5404,0.0/19:05:56,72042) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3720,0.0/18:24:18,5170) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,11428,4128,0.0/19:05:56,72038) /opt/local/sbin/httpd -k start
(root,7448,4476,0.0/00:17,74528) /usr/lib/ssh/sshd -R
(postfix,11272,5156,0.0/01:34:46,93468) pickup -l -t unix -u
(root,5532,2356,0.0/00:00,75694) ps -o user=USER............ -o vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10
(root,3916,2232,0.0/00:00,75645) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3820,0.0/18:24:18,5167) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3720,0.0/18:24:18,5171) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3720,0.0/18:24:18,5169) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3384,0.0/18:24:18,5173) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3888,1312,0.0/00:00,75646) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1688,1032,0.0/00:00,75647) cat
(php_dev.elementare-vielfalt.de,268404,32552,0.0/04:51:35,87002) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303424,3432,0.0/18:24:18,5172) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,1688,1204,0.0/00:00,75695) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(www,12424,5136,0.0/19:05:56,72040) /opt/local/sbin/httpd -k start
(root,7448,4476,0.0/01:50,64994) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268404,32556,0.0/04:48:20,9122) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268404,32556,0.0/04:18:35,91788) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3748,0.0/18:24:18,5168) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4476,0.0/03:22,57260) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268404,32552,0.0/04:37:20,76653) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2024-12-06 00:05

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0d4e650f0

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/103-16:09:14,14744) /usr/lib/utmpd
(fpm,303424,3172,0.0/17:56:20,60509) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(netadm,4140,2804,0.0/103-16:09:20,12517) /lib/inet/ipmgmtd
(root,5532,2356,0.0/00:00,61969) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,1316480,1299380,0.0/103-16:09:10,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/103-16:09:22,11679) zsched
(root,2788,1576,0.0/103-16:09:22,11791) /sbin/init
(root,10192,8684,0.0/103-16:09:21,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/103-16:09:21,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/103-16:09:18,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/103-16:09:14,14647) /usr/sbin/cron
(root,38932,33568,0.0/103-16:09:17,13380) /usr/sbin/nscd
(root,2380,1188,0.0/103-16:09:14,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/103-16:09:14,14635) /usr/sbin/auditd
(root,2228,1120,0.0/103-16:09:14,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/103-16:09:14,14746) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,268628,34760,0.0/08:43:10,90071) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1048,0.0/103-16:09:14,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/103-16:09:14,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16160,0.0/103-16:09:14,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5500,0.0/103-16:09:14,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/103-16:09:14,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/103-16:09:12,15485) qmgr -l -t unix -u
(daemon,7592,1840,0.0/00:09,61437) /usr/lib/ssh/sshd -R
(root,11304,1976,0.0/103-16:09:12,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/103-16:09:07,17256) /sbin/dhcpagent
(root,2860,728,0.0/103-16:09:06,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,268628,34700,0.0/08:54:08,29714) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,14616,6936,0.0/18:30:09,73799) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268628,34700,0.0/08:43:10,90054) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12328,5024,0.0/18:37:53,25761) /opt/local/sbin/httpd -k start
(www,12908,5548,0.0/18:37:53,25762) /opt/local/sbin/httpd -k start
(haproxy,29968,18792,0.0/59-15:04:05,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,265660,5592,0.0/17:56:20,60494) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,61970) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303428,3468,0.0/17:56:20,60507) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,11428,4160,0.0/18:37:53,25759) /opt/local/sbin/httpd -k start
(www,14128,6480,0.0/18:37:53,25763) /opt/local/sbin/httpd -k start
(mysql,541648,450472,0.0/17:56:18,60601) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,3516,1044,0.0/00:00,61968) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3516,2216,0.0/00:00,61938) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7576,4692,0.0/00:09,61436) /usr/lib/ssh/sshd -R
(postfix,11272,5212,0.0/01:26:48,65410) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,268564,34732,0.0/08:54:08,29627) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3492,0.0/17:56:20,60504) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3220,0.0/17:56:20,60508) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3464,0.0/17:56:20,60505) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3652,0.0/17:56:20,60503) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3464,0.0/17:56:20,60506) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2024-12-03 23:37

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0cd730738

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/101-16:14:12,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/101-16:14:18,12517) /lib/inet/ipmgmtd
(root,11428,4124,0.0/18:42:52,6381) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268532,33412,0.0/03:56:08,29058) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,265660,5648,0.0/18:01:18,45881) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1316468,1298816,0.0/101-16:14:08,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/101-16:14:20,11679) zsched
(root,2788,1576,0.0/101-16:14:20,11791) /sbin/init
(root,10192,8680,0.0/101-16:14:19,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/101-16:14:19,11918) /lib/svc/bin/svc.startd
(postfix,11272,5156,0.0/11:48,98548) pickup -l -t unix -u
(root,2632,1748,0.0/101-16:14:16,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/101-16:14:13,14647) /usr/sbin/cron
(php_dev.elementare-vielfalt.de,303428,3464,0.0/18:01:18,45890) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,38932,33492,0.0/101-16:14:15,13380) /usr/sbin/nscd
(root,2380,1188,0.0/101-16:14:12,14747) /usr/lib/saf/ttymon
(root,5532,2356,0.0/00:00,67955) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,3368,2380,0.0/101-16:14:13,14635) /usr/sbin/auditd
(root,2228,1120,0.0/101-16:14:12,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/101-16:14:12,14746) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,268532,32424,0.0/04:07:08,67097) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1048,0.0/101-16:14:12,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/101-16:14:12,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(php_dev.elementare-vielfalt.de,268468,32556,0.0/04:11:08,44332) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(redis,20588,16148,0.0/101-16:14:12,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5492,0.0/101-16:14:12,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/101-16:14:12,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/101-16:14:10,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/101-16:14:10,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/101-16:14:05,17256) /sbin/dhcpagent
(www,12776,5404,0.0/18:42:52,6383) /opt/local/sbin/httpd -k start
(root,7448,4448,0.0/00:04,67583) /usr/lib/ssh/sshd -R
(root,2860,724,0.0/101-16:14:04,17494) /usr/lib/inet/in.ndpd
(root,3504,2264,0.0/00:00,67889) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3516,1100,0.0/00:00,67954) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3632,0.0/18:01:18,45889) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12356,4992,0.0/18:42:52,6382) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268404,32116,0.0/04:00:08,8843) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,529416,438452,0.0/18:01:18,45975) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,1696,1204,0.0/00:00,67921) sed s/referenced/used/g
(www,14024,6328,0.0/18:42:08,10828) /opt/local/sbin/httpd -k start
(haproxy,29968,18792,0.0/57-15:09:03,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:01:18,45892) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,67956) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303428,3440,0.0/18:01:18,45893) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3192,0.0/18:01:18,45894) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,13332,5820,0.0/18:42:52,6384) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:01:18,45891) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3144,0.0/18:01:18,45895) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,7116,4200,0.1/00:00,67919) zfs get -Hp name,referenced,avail,mountpoint,type
(root,3516,2276,0.0/00:00,67922) /usr/bin/bash /opt/check_mk/bin/check_mk_agent

Found on 2024-12-01 23:42

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a06deeb0c8

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/99-14:28:53,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/99-14:28:58,12517) /lib/inet/ipmgmtd
(php_dev.elementare-vielfalt.de,268468,32736,0.0/06:41:32,28067) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1316468,1298756,0.0/99-14:28:48,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/99-14:29:01,11679) zsched
(root,2788,1576,0.0/99-14:29:00,11791) /sbin/init
(root,10192,8664,0.0/99-14:29:00,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/99-14:29:00,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/99-14:28:57,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/99-14:28:53,14647) /usr/sbin/cron
(root,38416,33460,0.0/99-14:28:56,13380) /usr/sbin/nscd
(root,2380,1188,0.0/99-14:28:53,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/99-14:28:53,14635) /usr/sbin/auditd
(root,2228,1120,0.0/99-14:28:53,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/99-14:28:53,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/99-14:28:53,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/99-14:28:53,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16148,0.0/99-14:28:53,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5476,0.0/99-14:28:52,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/99-14:28:52,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/99-14:28:51,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/99-14:28:51,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/99-14:28:45,17256) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303428,3756,0.0/16:15:56,91091) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2860,724,0.0/99-14:28:44,17494) /usr/lib/inet/in.ndpd
(root,265660,5552,0.0/16:15:56,91084) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,1084,0.0/00:00,5834) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11272,5156,0.0/26:32,55322) pickup -l -t unix -u
(root,3516,2244,0.0/00:00,5740) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303424,3440,0.0/16:15:56,91095) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3728,0.0/16:15:56,91092) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,29968,18792,0.0/55-13:23:43,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(www,13136,5688,0.0/16:57:32,58636) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3728,0.0/16:15:56,91093) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,14348,6676,0.0/16:54:47,77359) /opt/local/sbin/httpd -k start
(fpm,303424,3392,0.0/16:15:56,91096) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(daemon,7592,1880,0.0/00:02,5427) /usr/lib/ssh/sshd -R
(daemon,7584,1676,0.0/05:48,71541) /usr/lib/ssh/sshd -R
(root,303436,3824,0.0/16:15:56,91090) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12420,5132,0.0/16:57:32,58628) /opt/local/sbin/httpd -k start
(root,1688,1204,0.0/00:00,5836) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,268468,31988,0.0/06:41:32,28076) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3728,0.0/16:15:56,91094) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7576,4672,0.0/00:02,5414) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268468,32004,0.0/06:41:32,28055) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7576,4636,0.0/05:49,71399) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268468,31996,0.0/06:41:32,28080) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12444,5180,0.0/16:57:32,58632) /opt/local/sbin/httpd -k start
(mysql,538636,448484,0.0/16:15:54,91193) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,11428,4128,0.0/16:57:32,58627) /opt/local/sbin/httpd -k start
(root,5532,2356,0.0/00:00,5835) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273

Found on 2024-11-29 21:57

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a00d8e2457

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/97-14:25:40,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/97-14:25:45,12517) /lib/inet/ipmgmtd
(root,303436,3520,0.0/16:12:39,70070) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,1316256,1297824,0.0/97-14:25:36,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/97-14:25:48,11679) zsched
(root,2788,1576,0.0/97-14:25:47,11791) /sbin/init
(root,10192,8664,0.0/97-14:25:47,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/97-14:25:47,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/97-14:25:44,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/97-14:25:40,14647) /usr/sbin/cron
(root,38416,33420,0.0/97-14:25:43,13380) /usr/sbin/nscd
(root,2380,1188,0.0/97-14:25:40,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/97-14:25:40,14635) /usr/sbin/auditd
(root,2228,1120,0.0/97-14:25:40,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/97-14:25:40,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/97-14:25:40,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2584,0.0/97-14:25:40,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16136,0.0/97-14:25:40,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8952,5464,0.0/97-14:25:40,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/97-14:25:39,14923) /usr/lib/ssh/sshd
(postfix,11400,3352,0.0/97-14:25:38,15485) qmgr -l -t unix -u
(root,11304,1976,0.0/97-14:25:38,15458) /opt/local/libexec/postfix/master -w
(root,2476,1136,0.0/97-14:25:32,17256) /sbin/dhcpagent
(www,13892,6104,0.0/16:54:20,34890) /opt/local/sbin/httpd -k start
(root,2860,724,0.0/97-14:25:31,17494) /usr/lib/inet/in.ndpd
(root,8076,5352,0.0/01:19:27,5640) /usr/lib/ssh/sshd -R
(root,1688,1204,0.0/00:00,55049) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(tony,8080,2028,0.0/01:19:27,5642) /usr/lib/ssh/sshd -R
(root,3516,1096,0.0/00:00,55046) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303424,3060,0.0/16:12:39,70076) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,268404,33988,0.0/04:53:56,89597) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,531416,448144,0.0/16:12:38,70191) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(daemon,7592,1844,0.0/04:48,29074) /usr/lib/ssh/sshd -R
(haproxy,29648,18464,0.0/53-13:20:31,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(php_dev.elementare-vielfalt.de,303428,3332,0.0/16:12:39,70071) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12328,4892,0.0/16:54:20,34886) /opt/local/sbin/httpd -k start
(root,11428,3852,0.0/16:54:20,34884) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268404,33940,0.0/04:52:53,96226) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12424,4940,0.0/16:54:20,34887) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3308,0.0/16:12:39,70074) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3108,0.0/16:12:39,70075) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,14208,6320,0.0/16:47:53,72567) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3304,0.0/16:12:39,70072) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,265660,5408,0.0/16:12:39,70063) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7576,4672,0.0/04:48,29073) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268468,33968,0.0/04:53:56,89600) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5188,0.0/43:23,9316) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,303428,3304,0.0/16:12:39,70073) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(tony,3752,2144,0.0/01:19:27,5643) /usr/local/libexec/sftp-server
(php_dev.elementare-vielfalt.de,268468,33972,0.0/04:51:34,6683) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,2268,0.0/00:00,55000) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,5532,2356,0.0/00:00,55047) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273

Found on 2024-11-27 21:54

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a087cd4d0b

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/95-16:10:27,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/95-16:10:32,12517) /lib/inet/ipmgmtd
(root,1316256,1300620,0.0/95-16:10:22,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/95-16:10:35,11679) zsched
(root,2788,1576,0.0/95-16:10:34,11791) /sbin/init
(root,10192,8664,0.0/95-16:10:34,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/95-16:10:34,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/95-16:10:30,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/95-16:10:27,14647) /usr/sbin/cron
(root,38416,33420,0.0/95-16:10:30,13380) /usr/sbin/nscd
(root,3504,2200,0.0/00:00,28377) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2380,1188,0.0/95-16:10:27,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/95-16:10:27,14635) /usr/sbin/auditd
(root,2228,1120,0.0/95-16:10:27,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/95-16:10:27,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/95-16:10:27,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/95-16:10:27,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16200,0.0/95-16:10:26,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8888,5484,0.0/95-16:10:26,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/95-16:10:26,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/95-16:10:25,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/95-16:10:25,15458) /opt/local/libexec/postfix/master -w
(fpm,303424,3144,0.0/17:57:30,33562) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,303436,3632,0.0/17:57:30,33555) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(postfix,11272,5184,0.0/01:08:17,47172) pickup -l -t unix -u
(root,2476,1140,0.0/95-16:10:19,17256) /sbin/dhcpagent
(root,2860,728,0.0/95-16:10:18,17494) /usr/lib/inet/in.ndpd
(root,265660,5852,0.0/17:57:30,33549) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/17:57:30,33557) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1696,1204,0.0/00:00,28402) sed s/referenced/used/g
(php_dev.elementare-vielfalt.de,273048,56948,0.0/01:34:06,2291) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,545336,451504,0.0/17:57:29,33650) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/17:57:30,33558) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7116,4248,0.1/00:00,28401) zfs get -Hp name,referenced,avail,mountpoint,type
(root,5532,2340,0.0/00:00,28434) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(php_dev.elementare-vielfalt.de,303428,3464,0.0/17:57:30,33556) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268500,34552,0.0/01:34:06,2290) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,14332,6612,0.0/18:31:58,39382) /opt/local/sbin/httpd -k start
(haproxy,29648,18552,0.0/51-15:05:17,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,3516,2216,0.0/00:00,28403) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268500,34556,0.0/01:43:22,49402) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3440,0.0/17:57:30,33559) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,28435) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(www,12420,5108,0.0/18:39:08,96644) /opt/local/sbin/httpd -k start
(root,3516,1044,0.0/00:00,28433) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303424,3192,0.0/17:57:30,33561) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12756,5368,0.0/18:39:08,96645) /opt/local/sbin/httpd -k start
(root,11428,4128,0.0/18:39:08,96643) /opt/local/sbin/httpd -k start
(www,14312,6616,0.0/18:39:08,96646) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,270740,51816,0.0/36:40,25966) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2024-11-25 23:39

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a03b74be2e

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/93-17:04:46,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/93-17:04:52,12517) /lib/inet/ipmgmtd
(mysql,528888,448264,0.0/18:51:56,44490) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,12328,5032,0.0/19:33:28,10844) /opt/local/sbin/httpd -k start
(root,1316256,1300620,0.0/93-17:04:42,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/93-17:04:54,11679) zsched
(root,2788,1576,0.0/93-17:04:54,11791) /sbin/init
(root,10192,8644,0.0/93-17:04:54,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/93-17:04:54,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/93-17:04:50,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/93-17:04:47,14647) /usr/sbin/cron
(root,38384,33352,0.0/93-17:04:49,13380) /usr/sbin/nscd
(root,2380,1188,0.0/93-17:04:46,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/93-17:04:47,14635) /usr/sbin/auditd
(root,2228,1120,0.0/93-17:04:46,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/93-17:04:46,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/93-17:04:46,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/93-17:04:46,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16200,0.0/93-17:04:46,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8888,5476,0.0/93-17:04:46,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/93-17:04:46,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/93-17:04:45,15485) qmgr -l -t unix -u
(www,13316,5704,0.0/19:33:28,10845) /opt/local/sbin/httpd -k start
(root,11304,1968,0.0/93-17:04:45,15458) /opt/local/libexec/postfix/master -w
(daemon,7616,1924,0.0/03:33,39678) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268564,33512,0.0/03:59:17,2594) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2476,1140,0.0/93-17:04:39,17256) /sbin/dhcpagent
(root,2860,728,0.0/93-17:04:38,17494) /usr/lib/inet/in.ndpd
(root,7620,4876,0.0/06:12,25008) /usr/lib/ssh/sshd -R
(root,1696,1204,0.0/00:00,60221) sed s/referenced/used/g
(root,5532,2340,0.0/00:00,60335) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,6332,3536,0.0/00:00,60220) zfs get -Hp name,referenced,avail,mountpoint,type
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:51:57,44398) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3440,0.0/18:51:57,44399) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,29648,18552,0.0/49-15:59:37,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,3504,2232,0.0/00:00,60151) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,12328,5016,0.0/19:33:28,10843) /opt/local/sbin/httpd -k start
(root,1688,1204,0.0/00:00,60336) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:51:57,44397) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3192,0.0/18:51:57,44400) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,7620,4876,0.0/03:33,39677) /usr/lib/ssh/sshd -R
(root,3516,1084,0.0/00:00,60333) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268436,33504,0.0/04:10:16,41770) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13692,5984,0.0/19:29:17,36787) /opt/local/sbin/httpd -k start
(root,11428,4128,0.0/19:33:28,10842) /opt/local/sbin/httpd -k start
(fpm,303424,3144,0.0/18:51:57,44401) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3464,0.0/18:51:57,44396) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3632,0.0/18:51:57,44395) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3516,2244,0.0/00:00,60228) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268436,33508,0.0/03:52:46,40060) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5184,0.0/42:41,12557) pickup -l -t unix -u
(root,265660,5572,0.0/18:51:57,44390) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(daemon,7616,1924,0.0/06:12,25014) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268436,33504,0.0/04:03:46,77087) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2024-11-24 00:33

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0efc7c8da

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/91-16:45:36,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/91-16:45:41,12517) /lib/inet/ipmgmtd
(root,1316252,1300604,0.0/91-16:45:31,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/91-16:45:44,11679) zsched
(root,2788,1576,0.0/91-16:45:43,11791) /sbin/init
(root,10192,8640,0.0/91-16:45:43,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/91-16:45:43,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/91-16:45:40,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/91-16:45:36,14647) /usr/sbin/cron
(root,38384,33312,0.0/91-16:45:39,13380) /usr/sbin/nscd
(root,2380,1188,0.0/91-16:45:36,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/91-16:45:36,14635) /usr/sbin/auditd
(root,2228,1120,0.0/91-16:45:36,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/91-16:45:36,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/91-16:45:36,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/91-16:45:36,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16200,0.0/91-16:45:36,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8888,5464,0.0/91-16:45:35,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/91-16:45:35,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/91-16:45:34,15485) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:32:36,63010) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,11304,1968,0.0/91-16:45:34,15458) /opt/local/libexec/postfix/master -w
(root,2476,1140,0.0/91-16:45:28,17256) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303428,3432,0.0/18:32:36,63008) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2860,712,0.0/91-16:45:27,17494) /usr/lib/inet/in.ndpd
(fpm,303424,3140,0.0/18:32:36,63012) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,265660,5628,0.0/18:32:36,62964) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268436,33272,0.0/04:13:11,56931) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5184,0.0/43:34,42231) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,268500,39644,0.0/03:51:37,83199) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268628,48644,0.0/04:02:11,19837) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,2216,0.0/00:00,91276) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(haproxy,29648,18512,0.0/47-15:40:26,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,3516,1044,0.0/00:00,91306) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,14360,6700,0.0/19:11:36,48166) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,4580,0.0/18:32:36,63009) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,91308) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,268436,31584,0.0/04:02:36,17265) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303436,3628,0.0/18:32:36,63004) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,14008,6356,0.0/19:14:15,30689) /opt/local/sbin/httpd -k start
(mysql,538432,456592,0.0/18:32:34,63229) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303428,3460,0.0/18:32:36,63007) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12420,5120,0.0/19:14:15,30688) /opt/local/sbin/httpd -k start
(fpm,303424,3188,0.0/18:32:36,63011) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,11428,4128,0.0/19:14:15,30686) /opt/local/sbin/httpd -k start
(root,5532,2340,0.0/00:00,91307) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,12420,5124,0.0/19:14:15,30687) /opt/local/sbin/httpd -k start

Found on 2024-11-22 00:14

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0cdfc294b

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/89-14:42:15,14744) /usr/lib/utmpd
(netadm,4140,2804,0.0/89-14:42:21,12517) /lib/inet/ipmgmtd
(root,1316252,1300604,0.0/89-14:42:11,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/89-14:42:23,11679) zsched
(root,2788,1576,0.0/89-14:42:23,11791) /sbin/init
(php_dev.elementare-vielfalt.de,265660,5432,0.0/02:41,77786) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,10192,8636,0.0/89-14:42:22,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/89-14:42:22,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/89-14:42:19,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/89-14:42:15,14647) /usr/sbin/cron
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:29:24,97543) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,38384,33304,0.0/89-14:42:18,13380) /usr/sbin/nscd
(root,2380,1188,0.0/89-14:42:15,14747) /usr/lib/saf/ttymon
(fpm,303424,3140,0.0/16:29:24,97548) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3368,2380,0.0/89-14:42:15,14635) /usr/sbin/auditd
(root,2228,1120,0.0/89-14:42:15,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/89-14:42:15,14746) /usr/lib/inet/inetd start
(postfix,13504,7660,0.0/00:58,87106) smtpd -n smtp -t inet -u -s 2
(root,2016,1048,0.0/89-14:42:15,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/89-14:42:15,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,20588,16200,0.0/89-14:42:15,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8888,5448,0.0/89-14:42:15,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/89-14:42:15,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/89-14:42:13,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/89-14:42:13,15458) /opt/local/libexec/postfix/master -w
(root,3520,1044,0.0/00:00,91418) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2476,1140,0.0/89-14:42:08,17256) /sbin/dhcpagent
(root,1696,1204,0.0/00:00,91387) sed s/referenced/used/g
(root,2860,712,0.0/89-14:42:07,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,303428,3460,0.0/16:29:24,97542) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3628,0.0/16:29:24,97538) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,268724,46788,0.0/08:35:16,76343) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:29:24,97544) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,270708,41668,0.0/08:57:16,52973) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11552,5848,0.0/00:57,87127) trivial-rewrite -n rewrite -t unix -u
(root,7448,4476,0.0/07:56,49044) /usr/lib/ssh/sshd -R
(root,265660,5560,0.0/16:29:25,97430) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(haproxy,29648,18512,0.0/45-13:37:06,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,3504,2200,0.0/00:00,91361) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7576,4784,0.0/00:01,91336) /usr/lib/ssh/sshd -R
(www,12580,5260,0.0/17:10:54,66542) /opt/local/sbin/httpd -k start
(daemon,7584,1856,0.0/00:01,91337) /usr/lib/ssh/sshd -R
(postfix,11272,5180,0.0/40:15,64964) pickup -l -t unix -u
(root,3520,2220,0.0/00:00,91388) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,15024,7220,0.0/17:10:54,66543) /opt/local/sbin/httpd -k start
(postfix,11268,5212,0.0/00:58,87123) proxymap -t unix -u
(www,16132,8380,0.0/17:09:16,77159) /opt/local/sbin/httpd -k start
(postfix,11656,5828,0.0/00:57,87137) smtp -t unix -u
(root,5532,2284,0.0/00:00,91419) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(fpm,303424,3188,0.0/16:29:24,97547) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,11428,4124,0.0/17:10:54,66541) /opt/local/sbin/httpd -k start
(postfix,11308,5332,0.0/00:57,87141) bounce -z -t unix -u
(root,6332,3460,0.0/00:00,91386) zfs get -Hp name,referenced,avail,mountpoint,type
(root,7448,4476,0.0/01:12,85595) /usr/lib/ssh/sshd -R
(root,1688,1204,0.0/00:00,91420) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,268724,52056,0.0/09:08:16,92040) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,12596,6820,0.0/00:57,87131) cleanup -z -t unix -u
(php_dev.elementare-vielfalt.de,303428,3436,0.0/16:29:24,97546) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,14388,6648,0.0/17:10:54,66544) /opt/local/sbin/httpd -k start
(mysql,569416,481828,0.0/16:29:23,97679) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7448,4476,0.0/06:36,54412) /usr/lib/ssh/sshd -R

Found on 2024-11-19 22:10

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0bb6a89be

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/87-15:04:48,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/87-15:04:54,12517) /lib/inet/ipmgmtd
(root,1100476,1091024,0.0/87-15:04:44,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/87-15:04:56,11679) zsched
(root,2788,1576,0.0/87-15:04:56,11791) /sbin/init
(root,10192,8632,0.0/87-15:04:55,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/87-15:04:55,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/87-15:04:52,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/87-15:04:48,14647) /usr/sbin/cron
(root,38384,33304,0.0/87-15:04:51,13380) /usr/sbin/nscd
(root,2380,1188,0.0/87-15:04:48,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/87-15:04:48,14635) /usr/sbin/auditd
(root,2228,1120,0.0/87-15:04:48,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/87-15:04:48,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/87-15:04:48,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/87-15:04:48,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,14988,10504,0.0/87-15:04:48,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8888,5440,0.0/87-15:04:48,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/87-15:04:48,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/87-15:04:46,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/87-15:04:46,15458) /opt/local/libexec/postfix/master -w
(root,2476,1140,0.0/87-15:04:41,17256) /sbin/dhcpagent
(root,2860,712,0.0/87-15:04:40,17494) /usr/lib/inet/in.ndpd
(fpm,303424,3140,0.0/16:51:53,39255) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12668,5308,0.0/17:33:27,7103) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268632,34644,0.0/09:36:54,93346) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:51:53,39252) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11272,5236,0.0/01:22:52,83613) pickup -l -t unix -u
(root,1688,1204,0.0/00:00,55002) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(haproxy,29584,18448,0.0/43-13:59:39,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,5532,2284,0.0/00:00,55001) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,12328,5040,0.0/17:33:27,7102) /opt/local/sbin/httpd -k start
(daemon,7584,1676,0.0/04:57,26706) /usr/lib/ssh/sshd -R
(fpm,303424,3188,0.0/16:51:53,39254) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3460,0.0/16:51:53,39250) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,11428,4128,0.0/17:33:27,7101) /opt/local/sbin/httpd -k start
(root,7576,4648,0.0/04:58,26615) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,270744,34880,0.0/09:36:54,93444) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,1096,0.0/00:00,55000) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3628,0.0/16:51:53,39249) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,270616,34896,0.0/09:36:53,93460) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:51:53,39253) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268824,61324,0.0/09:38:23,85825) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13676,6004,0.0/17:33:27,7104) /opt/local/sbin/httpd -k start
(root,3516,2252,0.0/00:00,54965) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:51:53,39251) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,265660,5580,0.0/16:51:53,39215) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,538232,455412,0.0/16:51:51,39350) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,14080,6336,0.0/17:33:23,7263) /opt/local/sbin/httpd -k start

Found on 2024-11-17 22:33

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0ba5276b7

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/85-17:20:36,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/85-17:20:42,12517) /lib/inet/ipmgmtd
(www,15248,7552,0.0/19:47:45,5742) /opt/local/sbin/httpd -k start
(root,3516,1080,0.0/00:00,98718) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1100476,1091024,0.0/85-17:20:32,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/85-17:20:44,11679) zsched
(root,2788,1576,0.0/85-17:20:44,11791) /sbin/init
(root,10192,8632,0.0/85-17:20:43,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/85-17:20:43,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/85-17:20:40,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/85-17:20:36,14647) /usr/sbin/cron
(fpm,303424,3156,0.0/19:07:47,32832) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,38384,33304,0.0/85-17:20:39,13380) /usr/sbin/nscd
(root,2380,1188,0.0/85-17:20:36,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/85-17:20:36,14635) /usr/sbin/auditd
(root,2228,1120,0.0/85-17:20:36,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/85-17:20:36,14746) /usr/lib/inet/inetd start
(daemon,7584,1808,0.0/00:19,98409) /usr/lib/ssh/sshd -R
(root,2016,1048,0.0/85-17:20:36,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/85-17:20:36,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,14988,10504,0.0/85-17:20:36,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8824,5428,0.0/85-17:20:36,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/85-17:20:36,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/85-17:20:34,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/85-17:20:34,15458) /opt/local/libexec/postfix/master -w
(root,7576,4684,0.0/00:19,98212) /usr/lib/ssh/sshd -R
(root,2476,1140,0.0/85-17:20:29,17256) /sbin/dhcpagent
(root,2860,712,0.0/85-17:20:28,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,268628,34052,0.0/01:45:12,6019) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268564,34060,0.0/01:17:13,65797) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5236,0.0/38:44,80577) pickup -l -t unix -u
(root,5532,2284,0.0/00:00,98719) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,14784,7064,0.0/19:49:16,97313) /opt/local/sbin/httpd -k start
(www,12448,5164,0.0/19:49:16,97311) /opt/local/sbin/httpd -k start
(fpm,303424,3204,0.0/19:07:47,32831) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(mysql,578280,483072,0.0/19:07:46,33081) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303428,3448,0.0/19:07:47,32829) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3448,0.0/19:07:47,32828) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,29584,18448,0.0/41-16:15:27,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,303436,3648,0.0/19:07:47,32823) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,11428,4120,0.0/19:49:16,97310) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268628,32356,0.0/03:21:12,65196) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7448,4476,0.0/07:17,60281) /usr/lib/ssh/sshd -R
(www,12784,5468,0.0/19:49:16,97312) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3476,0.0/19:07:47,32827) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3452,0.0/19:07:47,32830) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268628,32360,0.0/03:51:37,92841) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,98720) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,3516,2240,0.0/00:00,98681) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,265660,5584,0.0/19:07:47,32735) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2024-11-16 00:49

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a00fc3bc5b

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/83-15:23:16,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/83-15:23:21,12517) /lib/inet/ipmgmtd
(root,1100464,1091004,0.0/83-15:23:11,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/83-15:23:24,11679) zsched
(root,2788,1576,0.0/83-15:23:23,11791) /sbin/init
(root,10192,8632,0.0/83-15:23:23,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/83-15:23:23,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/83-15:23:20,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/83-15:23:16,14647) /usr/sbin/cron
(root,38384,33300,0.0/83-15:23:19,13380) /usr/sbin/nscd
(root,2380,1188,0.0/83-15:23:16,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/83-15:23:16,14635) /usr/sbin/auditd
(root,2228,1120,0.0/83-15:23:16,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/83-15:23:16,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/83-15:23:16,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/83-15:23:16,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,14988,10504,0.0/83-15:23:15,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8824,5412,0.0/83-15:23:15,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/83-15:23:15,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/83-15:23:14,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/83-15:23:14,15458) /opt/local/libexec/postfix/master -w
(php_dev.elementare-vielfalt.de,268500,31860,0.0/01:07:44,56020) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,44583) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,2476,1140,0.0/83-15:23:08,17256) /sbin/dhcpagent
(root,2860,712,0.0/83-15:23:07,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,303428,3436,0.0/17:10:22,94972) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268692,35168,0.0/01:03:25,81108) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/17:10:22,94971) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3188,0.0/17:10:22,94973) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3460,0.0/17:10:22,94969) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,265660,5564,0.0/17:10:22,94963) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268564,33436,0.0/01:07:56,55989) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12328,5048,0.0/17:51:54,65005) /opt/local/sbin/httpd -k start
(haproxy,29584,18448,0.0/39-14:18:06,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(php_dev.elementare-vielfalt.de,268564,32212,0.0/01:07:47,56005) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11428,4120,0.0/17:51:54,65001) /opt/local/sbin/httpd -k start
(www,12900,5524,0.0/17:51:54,65010) /opt/local/sbin/httpd -k start
(root,3516,1048,0.0/00:00,44581) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7448,4476,0.0/09:11,92319) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,303428,3432,0.0/17:10:22,94970) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4476,0.0/07:48,98404) /usr/lib/ssh/sshd -R
(fpm,303424,3140,0.0/17:10:22,94974) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3516,2220,0.0/00:00,44511) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3628,0.0/17:10:22,94968) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,14188,6500,0.0/17:51:54,65012) /opt/local/sbin/httpd -k start
(www,15176,7440,0.0/17:43:24,10309) /opt/local/sbin/httpd -k start
(mysql,561264,473076,0.0/17:10:20,94978) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,5532,2284,0.0/00:00,44582) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(postfix,11272,5236,0.0/41:27,4712) pickup -l -t unix -u

Found on 2024-11-13 22:51

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a07da206f3

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/81-14:43:20,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/81-14:43:26,12517) /lib/inet/ipmgmtd
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:30:27,56541) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,22763) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,1100436,1090976,0.0/81-14:43:16,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/81-14:43:28,11679) zsched
(root,2788,1576,0.0/81-14:43:28,11791) /sbin/init
(root,10192,8628,0.0/81-14:43:27,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/81-14:43:27,11918) /lib/svc/bin/svc.startd
(root,2632,1748,0.0/81-14:43:24,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/81-14:43:20,14647) /usr/sbin/cron
(mysql,590196,499348,0.0/16:30:25,56550) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,37860,32776,0.0/81-14:43:23,13380) /usr/sbin/nscd
(root,2380,1188,0.0/81-14:43:20,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/81-14:43:20,14635) /usr/sbin/auditd
(root,2228,1120,0.0/81-14:43:20,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/81-14:43:20,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/81-14:43:20,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/81-14:43:20,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,14988,10504,0.0/81-14:43:20,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8824,5400,0.0/81-14:43:20,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/81-14:43:20,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/81-14:43:18,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/81-14:43:18,15458) /opt/local/libexec/postfix/master -w
(php_dev.elementare-vielfalt.de,303428,3460,0.0/16:30:27,56539) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(daemon,7616,1908,0.0/00:05,21781) /usr/lib/ssh/sshd -R
(root,2476,1140,0.0/81-14:43:13,17256) /sbin/dhcpagent
(root,2860,712,0.0/81-14:43:12,17494) /usr/lib/inet/in.ndpd
(root,3516,1100,0.0/00:00,22760) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268984,48732,0.0/05:14:02,91492) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11428,4136,0.0/17:12:00,25767) /opt/local/sbin/httpd -k start
(root,3516,2276,0.0/00:00,22657) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303424,3140,0.0/16:30:27,56544) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(fpm,303424,3188,0.0/16:30:27,56543) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,268468,32628,0.0/02:28:21,29352) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,16076,8388,0.0/17:05:43,60319) /opt/local/sbin/httpd -k start
(root,265660,5580,0.0/16:30:27,56533) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303436,3628,0.0/16:30:27,56538) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(daemon,7600,1872,0.0/00:03,22044) /usr/lib/ssh/sshd -R
(www,13568,6100,0.0/17:12:00,25775) /opt/local/sbin/httpd -k start
(haproxy,29584,18448,0.0/37-13:38:11,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/16:30:27,56540) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3436,0.0/16:30:27,56542) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7620,4784,0.0/00:05,21780) /usr/lib/ssh/sshd -R
(root,5532,2284,0.0/00:00,22762) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(php_dev.elementare-vielfalt.de,273592,66708,0.0/05:22:31,45297) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13724,6264,0.0/17:12:00,25772) /opt/local/sbin/httpd -k start
(postfix,11272,5180,0.0/21:32,20274) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,268856,44624,0.0/05:11:04,10378) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7596,4668,0.0/00:05,21692) /usr/lib/ssh/sshd -R
(www,15288,7540,0.0/17:11:59,25777) /opt/local/sbin/httpd -k start

Found on 2024-11-11 22:12

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0cd295fb7

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(php_dev.elementare-vielfalt.de,303428,3436,0.0/18:19:00,13091) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1724,924,0.0/79-16:31:43,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/79-16:31:48,12517) /lib/inet/ipmgmtd
(root,7448,4420,0.0/07:01,26090) /usr/lib/ssh/sshd -R
(root,7448,4420,0.0/08:51,16009) /usr/lib/ssh/sshd -R
(root,303436,3628,0.0/18:19:00,13086) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,270580,33384,0.0/10:15:41,64664) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1100436,1090960,0.0/79-16:31:38,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/79-16:31:51,11679) zsched
(root,2788,1576,0.0/79-16:31:50,11791) /sbin/init
(root,10192,8624,0.0/79-16:31:50,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/79-16:31:50,11918) /lib/svc/bin/svc.startd
(php_dev.elementare-vielfalt.de,303428,3432,0.0/18:19:00,13089) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2632,1748,0.0/79-16:31:47,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/79-16:31:43,14647) /usr/sbin/cron
(root,37344,32764,0.0/79-16:31:46,13380) /usr/sbin/nscd
(root,2380,1188,0.0/79-16:31:43,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/79-16:31:43,14635) /usr/sbin/auditd
(root,2228,1120,0.0/79-16:31:43,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/79-16:31:43,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/79-16:31:43,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/79-16:31:43,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,14988,10504,0.0/79-16:31:42,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8824,5384,0.0/79-16:31:42,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/79-16:31:42,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/79-16:31:41,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/79-16:31:41,15458) /opt/local/libexec/postfix/master -w
(php_dev.elementare-vielfalt.de,268532,31008,0.0/10:23:44,18003) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,1044,0.0/00:00,68310) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2476,1140,0.0/79-16:31:35,17256) /sbin/dhcpagent
(mysql,528088,448136,0.0/18:18:59,13104) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,2860,712,0.0/79-16:31:34,17494) /usr/lib/inet/in.ndpd
(www,12420,5084,0.0/19:00:22,80505) /opt/local/sbin/httpd -k start
(root,1688,1204,0.0/00:00,68312) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,5532,2284,0.0/00:00,68311) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,13596,5944,0.0/19:00:22,80507) /opt/local/sbin/httpd -k start
(daemon,7584,1804,0.0/00:42,62294) /usr/lib/ssh/sshd -R
(root,3516,2216,0.0/00:00,68263) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303424,3140,0.0/18:19:00,13094) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12420,5112,0.0/19:00:22,80506) /opt/local/sbin/httpd -k start
(root,11428,4128,0.0/19:00:22,80504) /opt/local/sbin/httpd -k start
(www,13692,5996,0.0/18:58:43,88169) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3432,0.0/18:19:00,13090) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,29584,18448,0.0/35-15:26:33,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(php_dev.elementare-vielfalt.de,268532,31608,0.0/10:15:40,65560) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,265660,5648,0.0/18:19:00,13081) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3460,0.0/18:19:00,13088) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7576,4636,0.0/01:00,61882) /usr/lib/ssh/sshd -R
(postfix,11272,5236,0.0/49:56,84683) pickup -l -t unix -u
(fpm,303424,3188,0.0/18:19:00,13093) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,268532,31860,0.0/10:16:27,62347) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2024-11-10 00:00

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0367f0ea6

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(php_dev.elementare-vielfalt.de,303428,3512,0.0/19:20:43,35565) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,4848,2796,0.0/02:11,27097) /opt/local/libexec/gfrcode
(root,1724,924,0.0/77-17:33:29,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/77-17:33:34,12517) /lib/inet/ipmgmtd
(root,1100424,1090936,0.0/77-17:33:25,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/77-17:33:37,11679) zsched
(root,2788,1576,0.0/77-17:33:36,11791) /sbin/init
(root,10192,8624,0.0/77-17:33:36,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/77-17:33:36,11918) /lib/svc/bin/svc.startd
(php_dev.elementare-vielfalt.de,303428,3540,0.0/19:20:43,35562) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1696,1204,0.0/00:00,40023) sed s/referenced/used/g
(root,2632,1748,0.0/77-17:33:33,12945) /usr/lib/pfexecd
(daemon,7584,1812,0.0/04:26,11817) /usr/lib/ssh/sshd -R
(root,2132,1104,0.0/77-17:33:29,14647) /usr/sbin/cron
(root,37344,32600,0.0/77-17:33:32,13380) /usr/sbin/nscd
(root,2380,1188,0.0/77-17:33:29,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/77-17:33:29,14635) /usr/sbin/auditd
(root,2228,1120,0.0/77-17:33:29,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/77-17:33:29,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/77-17:33:29,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/77-17:33:29,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,14988,10504,0.0/77-17:33:29,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8824,5376,0.0/77-17:33:29,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/77-17:33:28,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/77-17:33:27,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/77-17:33:27,15458) /opt/local/libexec/postfix/master -w
(www,14456,6680,0.0/20:02:09,8035) /opt/local/sbin/httpd -k start
(root,2476,1140,0.0/77-17:33:21,17256) /sbin/dhcpagent
(root,5324,1600,0.0/02:11,27095) /bin/sh /opt/local/bin/updatedb
(root,2860,712,0.0/77-17:33:20,17494) /usr/lib/inet/in.ndpd
(postfix,11272,5180,0.0/31:43,59999) pickup -l -t unix -u
(root,3504,2200,0.0/00:00,39998) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,303436,3664,0.0/19:20:43,35559) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,11428,4128,0.0/20:02:09,8032) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268500,31920,0.0/51:48,45848) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7116,4292,0.1/00:00,40022) zfs get -Hp name,referenced,avail,mountpoint,type
(root,7576,4716,0.0/04:26,11810) /usr/lib/ssh/sshd -R
(www,12420,5084,0.0/20:02:09,8033) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,268500,32288,0.0/51:45,45858) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(daemon,7584,1820,0.0/02:11,27105) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,268500,32284,0.0/51:50,45841) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7576,4628,0.0/02:11,27041) /usr/lib/ssh/sshd -R
(root,1688,1204,0.0/00:00,40059) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,5324,3220,0.0/02:11,26823) /bin/sh /opt/local/bin/updatedb
(php_dev.elementare-vielfalt.de,268500,31916,0.0/58:23,4288) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303424,3228,0.0/19:20:43,35568) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,265660,5656,0.0/19:20:43,35553) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,14604,6892,0.0/20:00:22,19358) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3512,0.0/19:20:43,35563) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,29584,18440,0.0/33-16:28:20,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,20204,15572,0.0/02:11,27096) /usr/bin/sort -f
(fpm,303424,3180,0.0/19:20:43,35570) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12556,5248,0.0/20:02:09,8034) /opt/local/sbin/httpd -k start
(root,3528,1044,0.0/00:00,40057) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303428,3516,0.0/19:20:43,35567) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3528,2228,0.0/00:00,40024) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,10608,8344,2.6/02:11,27098) /opt/local/bin/gfind / ( -fstype 9P -o -fstype NFS -o -fstype afs -o -fstype autofs -o -fstype cifs -o -fstype coda -o -fstype devfs -o -fstype devpts -o -fstype ftpfs -o -fstype iso9660 -o -fstype mfs -o -fstype ncpfs -o -fstype nfs -o -fstype nfs4 -o -fstype proc -o -fstype shfs -o -fstype smbfs -o -fstype sysfs -o -type d -regex \(^/afs$\)\|\(^/amd$\)\|\(^/proc$\)\|\(^/sfs$\)\|\(^/tmp$\)\|\(^/usr/tmp$\)\|\(^/var/tmp$\) ) -prune -o -print 
(mysql,614596,513412,0.0/19:20:42,35722) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,5532,2284,0.0/00:00,40058) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273

Found on 2024-11-08 01:02

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a04e10375b

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1724,924,0.0/75-16:56:20,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/75-16:56:26,12517) /lib/inet/ipmgmtd
(php_dev.elementare-vielfalt.de,272112,121288,0.0/01:45:36,78622) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1100340,1090796,0.0/75-16:56:16,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/75-16:56:28,11679) zsched
(root,2788,1576,0.0/75-16:56:28,11791) /sbin/init
(root,10128,8616,0.0/75-16:56:27,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/75-16:56:27,11918) /lib/svc/bin/svc.startd
(fpm,303424,3188,0.0/01:45:36,78667) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3460,0.0/01:45:36,78657) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2632,1748,0.0/75-16:56:24,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/75-16:56:20,14647) /usr/sbin/cron
(root,37344,32564,0.0/75-16:56:23,13380) /usr/sbin/nscd
(root,2380,1188,0.0/75-16:56:20,14747) /usr/lib/saf/ttymon
(www,12564,5296,0.0/19:25:01,30027) /opt/local/sbin/httpd -k start
(root,3368,2380,0.0/75-16:56:20,14635) /usr/sbin/auditd
(root,2228,1120,0.0/75-16:56:20,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/75-16:56:20,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/75-16:56:20,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,2656,0.0/75-16:56:20,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,11372,6704,0.0/75-16:56:20,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8760,5352,0.0/75-16:56:20,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/75-16:56:20,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/75-16:56:18,15485) qmgr -l -t unix -u
(root,11304,1968,0.0/75-16:56:18,15458) /opt/local/libexec/postfix/master -w
(root,2476,1140,0.0/75-16:56:13,17256) /sbin/dhcpagent
(mysql,537072,448612,0.0/08:11:44,50800) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,2860,712,0.0/75-16:56:12,17494) /usr/lib/inet/in.ndpd
(www,14764,7104,0.0/19:25:01,30029) /opt/local/sbin/httpd -k start
(root,3516,1044,0.0/00:00,56222) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7448,4420,0.0/06:55,15706) /usr/lib/ssh/sshd -R
(root,7576,4628,0.0/00:46,51736) /usr/lib/ssh/sshd -R
(root,5532,2284,0.0/00:00,56223) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,11428,4128,0.0/19:25:01,30026) /opt/local/sbin/httpd -k start
(fpm,303424,3140,0.0/01:45:36,78669) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,1688,1204,0.0/00:00,56224) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,268660,35400,0.0/01:45:36,78627) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(daemon,7584,1796,0.0/00:46,51737) /usr/lib/ssh/sshd -R
(www,15932,8220,0.0/19:18:30,67059) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3436,0.0/01:45:36,78665) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/01:45:36,78661) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,268532,33524,0.0/01:45:36,78628) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12968,5584,0.0/19:25:01,30028) /opt/local/sbin/httpd -k start
(haproxy,29200,18132,0.0/31-15:51:11,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(php_dev.elementare-vielfalt.de,303428,3432,0.0/01:45:36,78662) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4420,0.0/07:32,13478) /usr/lib/ssh/sshd -R
(postfix,11272,5236,0.0/14:40,74005) pickup -l -t unix -u
(root,265660,5788,0.0/01:45:36,78618) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303436,3628,0.0/01:45:36,78651) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3516,2216,0.0/00:00,56192) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,268632,41524,0.0/01:45:36,78625) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7448,4420,0.0/03:25,36468) /usr/lib/ssh/sshd -R

Found on 2024-11-06 00:25

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a06af11126

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(php_dev.elementare-vielfalt.de,271416,61352,0.0/06:20:17,57035) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1724,924,0.0/73-15:17:38,14744) /usr/lib/utmpd
(netadm,4140,2752,0.0/73-15:17:44,12517) /lib/inet/ipmgmtd
(fpm,303424,3188,0.0/17:04:49,22433) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12548,5156,0.0/17:46:20,92902) /opt/local/sbin/httpd -k start
(root,1100256,1090052,0.0/73-15:17:34,16429) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,0,0,0.0/73-15:17:46,11679) zsched
(root,2788,1576,0.0/73-15:17:46,11791) /sbin/init
(root,10128,8616,0.0/73-15:17:45,11921) /lib/svc/bin/svc.configd
(root,7612,5940,0.0/73-15:17:45,11918) /lib/svc/bin/svc.startd
(root,11428,4132,0.0/17:46:20,92899) /opt/local/sbin/httpd -k start
(root,2632,1748,0.0/73-15:17:42,12945) /usr/lib/pfexecd
(root,2132,1104,0.0/73-15:17:38,14647) /usr/sbin/cron
(root,37344,32544,0.0/73-15:17:41,13380) /usr/sbin/nscd
(root,2380,1188,0.0/73-15:17:38,14747) /usr/lib/saf/ttymon
(root,3368,2380,0.0/73-15:17:38,14635) /usr/sbin/auditd
(root,2228,1120,0.0/73-15:17:38,14706) /usr/lib/saf/sac -t 300
(root,8432,4472,0.0/73-15:17:38,14746) /usr/lib/inet/inetd start
(root,2016,1048,0.0/73-15:17:38,14794) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,7792,1788,0.0/73-15:17:38,14790) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -a ban=127.0.0.1:8042 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(redis,11372,6704,0.0/73-15:17:38,14898) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8760,5344,0.0/73-15:17:38,14908) /opt/local/sbin/rsyslogd
(root,7516,1492,0.0/73-15:17:38,14923) /usr/lib/ssh/sshd
(postfix,11400,3360,0.0/73-15:17:36,15485) qmgr -l -t unix -u
(www,14820,7100,0.0/17:46:20,92905) /opt/local/sbin/httpd -k start
(root,11304,1968,0.0/73-15:17:36,15458) /opt/local/libexec/postfix/master -w
(root,2476,1140,0.0/73-15:17:31,17256) /sbin/dhcpagent
(root,2860,712,0.0/73-15:17:30,17494) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,303428,3436,0.0/17:04:49,22432) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3628,0.0/17:04:49,22428) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,5532,2284,0.0/00:00,46409) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(mysql,570928,483016,0.0/17:04:47,22449) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,269176,57948,0.0/06:19:48,57974) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,269112,61776,0.0/06:19:50,57964) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13008,5608,0.0/17:46:20,92903) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3432,0.0/17:04:49,22430) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,269048,56484,0.0/06:20:06,57902) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,46410) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,7576,4576,0.0/00:06,46308) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,303428,3432,0.0/17:04:49,22431) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3140,0.0/17:04:49,22434) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(postfix,11272,5236,0.0/36:00,48061) pickup -l -t unix -u
(daemon,7584,1668,0.0/00:00,46349) /usr/lib/ssh/sshd -R
(haproxy,29200,18132,0.0/29-14:12:29,66473) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,3516,1044,0.0/00:00,46408) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,16168,8472,0.0/17:39:32,33844) /opt/local/sbin/httpd -k start
(root,3516,2216,0.0/00:00,46378) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,265660,5812,0.0/17:04:49,22421) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3460,0.0/17:04:49,22429) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2024-11-03 22:46

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0e11767e7

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2424,0.0/85-04:19:28,58328) /usr/sbin/auditd
(root,0,0,0.0/85-04:19:35,57700) zsched
(fpm,303424,3268,0.0/07:05:07,53866) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,12640,8536,0.0/78-06:17:36,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32684,27600,0.0/85-04:19:30,58033) /usr/sbin/nscd
(root,249112,5676,0.0/07:05:07,53855) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3508,0.0/07:05:07,53864) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,254544,38712,0.0/03:06:23,647) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,252496,36572,0.0/03:15:20,86746) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(tony,3784,2236,0.0/12:20:42,85642) /usr/local/libexec/sftp-server
(php_dev.elementare-vielfalt.de,254544,38612,0.0/03:24:24,73336) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,252496,36668,0.0/03:21:25,79407) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,2272,0.0/00:00,71099) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2860,956,0.0/85-04:19:19,58862) /usr/lib/inet/in.ndpd
(redis,11180,8104,0.0/66-06:08:27,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8076,5240,0.0/12:20:42,85638) /usr/lib/ssh/sshd -R
(root,11364,4260,0.0/16:43:22,97118) /opt/local/sbin/httpd -k start
(root,8824,6140,0.0/85-04:19:28,58358) /opt/local/sbin/rsyslogd
(php_dev.elementare-vielfalt.de,303428,3508,0.0/07:05:07,53865) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7516,1840,0.0/85-04:19:28,58482) /usr/lib/ssh/sshd
(www,14188,6764,0.0/16:43:22,97121) /opt/local/sbin/httpd -k start
(www,12748,5648,0.0/16:43:22,97119) /opt/local/sbin/httpd -k start
(root,2016,1348,0.0/85-04:19:28,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(fpm,303424,3232,0.0/07:05:07,53867) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,303436,3724,0.0/07:05:07,53861) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(postfix,11400,5096,0.0/78-06:41:52,52953) qmgr -l -t unix -u
(root,3516,1108,0.0/00:00,71130) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,14644,7216,0.0/16:43:09,97714) /opt/local/sbin/httpd -k start
(root,2228,1400,0.0/85-04:19:28,58381) /usr/lib/saf/sac -t 300
(root,14148,12740,0.1/85-04:19:34,57764) /lib/svc/bin/svc.configd
(mysql,873368,738760,0.0/85-04:19:28,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,13804,6424,0.0/16:43:22,97120) /opt/local/sbin/httpd -k start
(root,7800,3324,0.0/65-09:20:55,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1036,0.0/85-04:19:28,58382) /usr/lib/utmpd
(root,324332,284244,0.0/65-09:20:54,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/85-04:19:28,58326) /usr/sbin/cron
(haproxy,24912,10480,0.0/12:09:04,1457) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,11304,3364,0.0/85-04:19:27,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/85-04:19:31,57964) /usr/lib/pfexecd
(root,2380,1472,0.0/85-04:19:28,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/85-04:19:28,58385) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,303428,3508,0.0/07:05:07,53863) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2788,1892,0.0/85-04:19:34,57750) /sbin/init
(postfix,11272,5220,0.0/18:03,47151) pickup -l -t unix -u
(root,1688,1204,0.0/00:00,71132) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(netadm,4140,2896,0.0/85-04:19:32,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/85-04:19:34,57762) /lib/svc/bin/svc.startd
(tony,8144,2148,0.0/12:20:42,85641) /usr/lib/ssh/sshd -R
(root,2476,1536,0.0/85-04:19:20,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303428,3524,0.0/07:05:07,53862) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,5532,2492,0.0/00:00,71131) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273

Found on 2023-09-22 20:43

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0bfcaabf6

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,303436,3916,0.0/09:55:52,83897) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3368,2424,0.0/81-06:13:55,58328) /usr/sbin/auditd
(php_dev.elementare-vielfalt.de,252560,39812,0.0/07:53:38,69636) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303424,3480,0.0/09:55:52,83903) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,0,0,0.0/81-06:14:01,57700) zsched
(root,3516,1108,0.0/00:00,96787) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,12640,8536,0.0/74-08:12:02,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32684,27524,0.0/81-06:13:57,58033) /usr/sbin/nscd
(www,14636,7240,0.0/18:37:48,83620) /opt/local/sbin/httpd -k start
(root,2860,956,0.0/81-06:13:46,58862) /usr/lib/inet/in.ndpd
(redis,11180,7792,0.0/62-08:02:53,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,11364,4244,0.0/18:37:48,83616) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3800,0.0/09:55:52,83901) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,8760,6104,0.0/81-06:13:55,58358) /opt/local/sbin/rsyslogd
(root,249112,5704,0.0/09:55:53,83892) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12628,5524,0.0/18:37:48,83618) /opt/local/sbin/httpd -k start
(root,7516,1840,0.0/81-06:13:54,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,252880,47564,0.0/07:39:47,91644) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,96789) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(www,13764,6340,0.0/18:37:48,83619) /opt/local/sbin/httpd -k start
(root,2016,1348,0.0/81-06:13:54,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11272,5176,0.0/01:12:40,89462) pickup -l -t unix -u
(postfix,11400,5096,0.0/74-08:36:19,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303428,3800,0.0/09:55:52,83900) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4464,0.0/01:27,95785) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,252496,33920,0.0/07:52:16,75854) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7448,4464,0.0/07:46,88238) /usr/lib/ssh/sshd -R
(php_dev.elementare-vielfalt.de,303428,3816,0.0/09:55:52,83898) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3800,0.0/09:55:52,83899) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4464,0.0/09:56,82594) /usr/lib/ssh/sshd -R
(root,2228,1400,0.0/81-06:13:55,58381) /usr/lib/saf/sac -t 300
(root,7448,4464,0.0/02:58,94610) /usr/lib/ssh/sshd -R
(root,14020,12612,0.1/81-06:14:00,57764) /lib/svc/bin/svc.configd
(mysql,844792,717608,0.0/81-06:13:55,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,252560,42408,0.0/07:31:16,7073) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7800,3240,0.0/61-11:15:21,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1036,0.0/81-06:13:55,58382) /usr/lib/utmpd
(root,324280,284076,0.0/61-11:15:20,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/81-06:13:55,58326) /usr/sbin/cron
(root,11304,3364,0.0/81-06:13:54,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/81-06:13:57,57964) /usr/lib/pfexecd
(root,2380,1472,0.0/81-06:13:54,58400) /usr/lib/saf/ttymon
(root,5532,2492,0.0/00:00,96788) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,14900,7452,0.0/18:37:15,84808) /opt/local/sbin/httpd -k start
(root,8428,4528,0.0/81-06:13:55,58385) /usr/lib/inet/inetd start
(root,2788,1892,0.0/81-06:14:00,57750) /sbin/init
(root,3516,2272,0.0/00:00,96757) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(netadm,4140,2896,0.0/81-06:13:59,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/81-06:14:00,57762) /lib/svc/bin/svc.startd
(fpm,303424,3516,0.0/09:55:52,83902) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(haproxy,25040,10628,0.0/14:04:30,328) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,2476,1536,0.0/81-06:13:47,58850) /sbin/dhcpagent

Found on 2023-09-18 22:37

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a031753b9f

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2424,0.0/80-16:56:44,58328) /usr/sbin/auditd
(root,0,0,0.0/80-16:56:50,57700) zsched
(root,303436,3724,0.0/10:47,58365) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303428,3508,0.0/10:47,58367) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,12640,8536,0.0/73-18:54:51,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32684,27512,0.0/80-16:56:46,58033) /usr/sbin/nscd
(www,14048,6656,0.0/05:20:37,83620) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,255096,51496,0.0/10:39,59013) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,956,0.0/80-16:56:35,58862) /usr/lib/inet/in.ndpd
(redis,11180,7792,0.0/61-18:45:43,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,11364,4244,0.0/05:20:37,83616) /opt/local/sbin/httpd -k start
(fpm,303424,3268,0.0/10:47,58370) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,8760,6104,0.0/80-16:56:44,58358) /opt/local/sbin/rsyslogd
(www,12304,5240,0.0/05:20:37,83618) /opt/local/sbin/httpd -k start
(daemon,7584,1688,0.0/01:00,72831) /usr/lib/ssh/sshd -R
(root,7516,1840,0.0/80-16:56:44,58482) /usr/lib/ssh/sshd
(root,1688,1204,0.0/00:00,75388) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303428,3524,0.0/10:47,58366) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12920,5792,0.0/05:20:37,83619) /opt/local/sbin/httpd -k start
(root,7448,4464,0.0/05:05,67311) /usr/lib/ssh/sshd -R
(root,3516,1112,0.0/00:00,75386) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7448,4464,0.0/01:44,69042) /usr/lib/ssh/sshd -R
(root,2016,1348,0.0/80-16:56:44,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5096,0.0/73-19:19:08,52953) qmgr -l -t unix -u
(fpm,303424,3232,0.0/10:47,58371) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,7576,4644,0.0/01:00,72830) /usr/lib/ssh/sshd -R
(root,249112,5756,0.0/10:47,58372) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/80-16:56:44,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,255480,48836,0.0/10:47,58376) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,14020,12560,0.1/80-16:56:49,57764) /lib/svc/bin/svc.configd
(root,3516,2276,0.0/00:00,75356) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(mysql,844792,717456,0.1/80-16:56:44,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,267092,67792,0.0/10:47,58375) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7800,3240,0.0/60-21:58:11,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(php_dev.elementare-vielfalt.de,266660,106336,0.0/10:47,58374) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1724,1036,0.0/80-16:56:44,58382) /usr/lib/utmpd
(php_dev.elementare-vielfalt.de,303428,3508,0.0/10:47,58368) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,286272,244276,0.0/60-21:58:10,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/80-16:56:44,58326) /usr/sbin/cron
(root,11304,3364,0.0/80-16:56:43,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/80-16:56:46,57964) /usr/lib/pfexecd
(root,2380,1472,0.0/80-16:56:44,58400) /usr/lib/saf/ttymon
(www,14440,6948,0.0/05:20:04,84808) /opt/local/sbin/httpd -k start
(root,8428,4528,0.0/80-16:56:44,58385) /usr/lib/inet/inetd start
(postfix,11272,5188,0.0/01:15:31,61076) pickup -l -t unix -u
(root,2788,1892,0.0/80-16:56:50,57750) /sbin/init
(netadm,4140,2896,0.0/80-16:56:48,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/80-16:56:49,57762) /lib/svc/bin/svc.startd
(root,5532,2492,0.0/00:00,75387) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(haproxy,24784,9528,0.0/47:19,328) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,2476,1536,0.0/80-16:56:36,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303428,3512,0.0/10:47,58369) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7448,4464,0.0/02:42,68581) /usr/lib/ssh/sshd -R

Found on 2023-09-18 09:20

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a05b2ac385

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,1688,1204,0.0/00:00,40978) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,3368,2424,0.0/78-20:53:04,58328) /usr/sbin/auditd
(root,0,0,0.0/78-20:53:10,57700) zsched
(root,303436,3960,0.0/09:16:51,2307) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,12640,8536,0.0/71-22:51:11,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32180,26980,0.0/78-20:53:05,58033) /usr/sbin/nscd
(root,5532,2492,0.0/00:00,40977) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,12264,5172,0.0/09:16:58,2183) /opt/local/sbin/httpd -k start
(root,249112,5936,0.0/09:16:55,2223) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,956,0.0/78-20:52:55,58862) /usr/lib/inet/in.ndpd
(redis,11180,7792,0.0/59-22:42:02,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(postfix,11272,5176,0.0/31:52,94228) pickup -l -t unix -u
(www,13316,5944,0.0/09:13:13,5141) /opt/local/sbin/httpd -k start
(root,11364,4216,0.0/09:16:58,2181) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,252464,47056,0.0/09:16:55,2225) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,8760,6092,0.0/78-20:53:03,58358) /opt/local/sbin/rsyslogd
(root,7448,4460,0.0/06:47,33234) /usr/lib/ssh/sshd -R
(root,7516,1840,0.0/78-20:53:03,58482) /usr/lib/ssh/sshd
(fpm,303488,3552,0.0/09:16:51,2312) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,251980,28484,0.0/09:16:55,2226) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12264,5168,0.0/09:16:58,2182) /opt/local/sbin/httpd -k start
(root,2016,1348,0.0/78-20:53:03,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(php_dev.elementare-vielfalt.de,303492,3852,0.0/09:16:51,2308) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11400,5096,0.0/71-23:15:28,52953) qmgr -l -t unix -u
(haproxy,24080,8956,0.0/04:43:52,11751) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(www,12352,5240,0.0/09:16:58,2184) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3836,0.0/09:16:51,2309) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2228,1400,0.0/78-20:53:03,58381) /usr/lib/saf/sac -t 300
(root,3516,1108,0.0/00:00,40976) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,13956,12496,0.1/78-20:53:09,57764) /lib/svc/bin/svc.configd
(root,3516,2272,0.0/00:00,40946) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7448,4460,0.0/08:47,27764) /usr/lib/ssh/sshd -R
(mysql,844632,717184,0.0/78-20:53:03,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(fpm,303488,3516,0.0/09:16:51,2313) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,7800,3240,0.0/59-01:54:30,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1036,0.0/78-20:53:03,58382) /usr/lib/utmpd
(php_dev.elementare-vielfalt.de,303492,3836,0.0/09:16:51,2310) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,286272,244276,0.0/59-01:54:29,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/78-20:53:04,58326) /usr/sbin/cron
(root,11304,3364,0.0/78-20:53:02,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/78-20:53:06,57964) /usr/lib/pfexecd
(root,2380,1472,0.0/78-20:53:03,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/78-20:53:03,58385) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,303492,3836,0.0/09:16:51,2311) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2788,1892,0.0/78-20:53:09,57750) /sbin/init
(netadm,4140,2896,0.0/78-20:53:08,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/78-20:53:09,57762) /lib/svc/bin/svc.startd
(php_dev.elementare-vielfalt.de,251980,27968,0.0/09:16:55,2228) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2476,1536,0.0/78-20:52:56,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,251980,27964,0.0/09:16:55,2227) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2023-09-16 13:16

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a05e4bad82

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2424,0.0/76-01:37:37,58328) /usr/sbin/auditd
(root,0,0,0.0/76-01:37:43,57700) zsched
(php_dev.elementare-vielfalt.de,253208,55692,0.0/02:40:09,62611) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,5532,2492,0.0/00:00,90496) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,3528,1108,0.0/00:00,90495) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,12640,8536,0.0/69-03:35:44,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32180,26952,0.0/76-01:37:38,58033) /usr/sbin/nscd
(root,303436,3764,0.0/14:01:22,73843) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303492,3560,0.0/14:01:22,73844) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303488,3268,0.0/14:01:22,73849) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2860,956,0.0/76-01:37:28,58862) /usr/lib/inet/in.ndpd
(redis,11180,7764,0.0/57-03:26:35,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8760,6076,0.0/76-01:37:37,58358) /opt/local/sbin/rsyslogd
(www,14444,6976,0.0/14:01:28,73647) /opt/local/sbin/httpd -k start
(root,7516,1840,0.0/76-01:37:36,58482) /usr/lib/ssh/sshd
(root,249112,5988,0.0/14:01:28,73631) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,252624,48844,0.0/03:07:47,16529) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1348,0.0/76-01:37:36,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5096,0.0/69-04:00:01,52953) qmgr -l -t unix -u
(root,4848,2904,0.0/01:32,87604) /opt/local/libexec/gfrcode
(php_dev.elementare-vielfalt.de,303492,3544,0.0/14:01:22,73846) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,10672,8440,2.1/01:32,87605) /opt/local/bin/gfind / ( -fstype 9P -o -fstype NFS -o -fstype afs -o -fstype autofs -o -fstype cifs -o -fstype coda -o -fstype devfs -o -fstype devpts -o -fstype ftpfs -o -fstype iso9660 -o -fstype mfs -o -fstype ncpfs -o -fstype nfs -o -fstype nfs4 -o -fstype proc -o -fstype shfs -o -fstype smbfs -o -fstype sysfs -o -type d -regex \(^/afs$\)\|\(^/amd$\)\|\(^/proc$\)\|\(^/sfs$\)\|\(^/tmp$\)\|\(^/usr/tmp$\)\|\(^/var/tmp$\) ) -prune -o -print 
(root,5324,1640,0.0/01:32,87602) /bin/sh /opt/local/bin/updatedb
(root,2228,1400,0.0/76-01:37:36,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,303492,3544,0.0/14:01:22,73845) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,11364,4216,0.0/14:01:28,73643) /opt/local/sbin/httpd -k start
(root,13828,12420,0.1/76-01:37:42,57764) /lib/svc/bin/svc.configd
(mysql,824064,698396,0.0/76-01:37:37,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,18636,9776,0.0/01:32,87603) /usr/bin/sort -f
(root,7800,3240,0.0/56-06:39:03,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(haproxy,24976,10368,0.0/09:26:17,75747) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,1724,1036,0.0/76-01:37:36,58382) /usr/lib/utmpd
(root,1688,1204,0.0/00:00,90497) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,248200,213664,0.0/56-06:39:02,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(postfix,11272,5176,0.0/01:36:36,54295) pickup -l -t unix -u
(root,3528,2284,0.0/00:00,90465) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,14504,7008,0.0/13:53:01,82847) /opt/local/sbin/httpd -k start
(root,2200,1460,0.0/76-01:37:37,58326) /usr/sbin/cron
(php_dev.elementare-vielfalt.de,253208,55176,0.0/02:30:19,77268) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13028,5848,0.0/14:01:28,73645) /opt/local/sbin/httpd -k start
(root,11304,3364,0.0/76-01:37:36,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/76-01:37:39,57964) /usr/lib/pfexecd
(php_dev.elementare-vielfalt.de,303492,3544,0.0/14:01:22,73847) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2380,1472,0.0/76-01:37:36,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/76-01:37:36,58385) /usr/lib/inet/inetd start
(www,12264,5100,0.0/14:01:28,73644) /opt/local/sbin/httpd -k start
(root,5324,3272,0.0/01:32,87561) /bin/sh /opt/local/bin/updatedb
(root,2788,1892,0.0/76-01:37:42,57750) /sbin/init
(netadm,4140,2896,0.0/76-01:37:41,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/76-01:37:42,57762) /lib/svc/bin/svc.startd
(fpm,303488,3304,0.0/14:01:22,73848) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2476,1536,0.0/76-01:37:29,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,253144,55760,0.0/02:21:53,88963) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2023-09-13 18:01

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a07c8ed0ea

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(php_dev.elementare-vielfalt.de,252760,52308,0.0/06:45:39,86522) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3368,2424,0.0/75-04:30:48,58328) /usr/sbin/auditd
(root,0,0,0.0/75-04:30:55,57700) zsched
(www,13888,6448,0.0/16:54:44,19759) /opt/local/sbin/httpd -k start
(root,12640,8536,0.0/68-06:28:56,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32180,26952,0.0/75-04:30:50,58033) /usr/sbin/nscd
(haproxy,24784,10412,0.0/12:19:55,10484) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(root,2860,956,0.0/75-04:30:40,58862) /usr/lib/inet/in.ndpd
(redis,11180,7764,0.0/56-06:19:47,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8760,6072,0.0/75-04:30:48,58358) /opt/local/sbin/rsyslogd
(php_dev.elementare-vielfalt.de,303428,3532,0.0/06:45:39,86531) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7516,1840,0.0/75-04:30:48,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,303428,3532,0.0/06:45:39,86530) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,15156,7676,0.0/16:50:58,24343) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3548,0.0/06:45:39,86529) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,255840,71316,0.0/06:45:39,86523) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1348,0.0/75-04:30:48,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5096,0.0/68-06:53:12,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303428,3532,0.0/06:45:39,86532) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303424,3256,0.0/06:45:39,86534) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(fpm,303424,3292,0.0/06:45:39,86533) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,249112,5844,0.0/06:45:39,86520) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5176,0.0/29:49,22982) pickup -l -t unix -u
(root,2228,1400,0.0/75-04:30:48,58381) /usr/lib/saf/sac -t 300
(www,12624,5460,0.0/16:54:44,19757) /opt/local/sbin/httpd -k start
(root,5532,2492,0.0/00:00,64243) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,13764,12356,0.1/75-04:30:54,57764) /lib/svc/bin/svc.configd
(root,3516,1136,0.0/00:00,64242) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(mysql,824064,698360,0.0/75-04:30:48,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,259028,108968,0.0/06:45:39,86521) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,2308,0.0/00:00,64211) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7800,3240,0.0/55-09:32:15,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1036,0.0/75-04:30:48,58382) /usr/lib/utmpd
(root,248200,213660,0.0/55-09:32:14,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/75-04:30:48,58326) /usr/sbin/cron
(php_dev.elementare-vielfalt.de,252752,46408,0.0/06:45:39,86524) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11304,3364,0.0/75-04:30:47,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/75-04:30:51,57964) /usr/lib/pfexecd
(root,11364,4192,0.0/16:54:44,19756) /opt/local/sbin/httpd -k start
(root,2380,1472,0.0/75-04:30:48,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/75-04:30:48,58385) /usr/lib/inet/inetd start
(www,14444,6928,0.0/16:54:44,19760) /opt/local/sbin/httpd -k start
(root,2788,1892,0.0/75-04:30:54,57750) /sbin/init
(netadm,4140,2896,0.0/75-04:30:53,57824) /lib/inet/ipmgmtd
(root,1688,1204,0.0/00:00,64244) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,7708,6068,0.0/75-04:30:54,57762) /lib/svc/bin/svc.startd
(root,303436,3748,0.0/06:45:39,86528) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2476,1536,0.0/75-04:30:41,58850) /sbin/dhcpagent

Found on 2023-09-12 20:54

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a08dfe03e7

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,249112,5940,0.0/06:27:02,51513) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3368,2424,0.0/72-18:03:12,58328) /usr/sbin/auditd
(www,12352,5240,0.0/06:27:06,51407) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,258384,39984,0.0/06:27:02,51547) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,0,0,0.0/72-18:03:19,57700) zsched
(www,12400,5312,0.0/06:27:06,51408) /opt/local/sbin/httpd -k start
(www,12736,5508,0.0/06:20:22,60501) /opt/local/sbin/httpd -k start
(root,11364,4216,0.0/06:27:06,51405) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,258320,35232,0.0/06:27:02,51549) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12640,8536,0.0/65-20:01:20,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32180,26920,0.0/72-18:03:14,58033) /usr/sbin/nscd
(haproxy,23888,8556,0.0/01:51:30,50222) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D
(php_dev.elementare-vielfalt.de,258320,35292,0.0/06:27:02,51548) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,956,0.0/72-18:03:03,58862) /usr/lib/inet/in.ndpd
(redis,11180,7764,0.0/53-19:52:11,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,3516,1112,0.0/00:00,11252) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8760,6060,0.0/72-18:03:12,58358) /opt/local/sbin/rsyslogd
(php_dev.elementare-vielfalt.de,303492,3828,0.0/06:26:57,51690) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7516,1840,0.0/72-18:03:12,58482) /usr/lib/ssh/sshd
(root,2016,1348,0.0/72-18:03:12,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(php_dev.elementare-vielfalt.de,303492,3812,0.0/06:26:57,51692) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11400,5096,0.0/65-20:25:36,52953) qmgr -l -t unix -u
(root,1688,1204,0.0/00:00,11254) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303492,3812,0.0/06:26:57,51691) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3936,0.0/06:26:57,51689) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303492,3812,0.0/06:26:57,51694) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2228,1400,0.0/72-18:03:12,58381) /usr/lib/saf/sac -t 300
(root,5532,2492,0.0/00:00,11253) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(fpm,303488,3528,0.0/06:26:57,51695) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,13700,12292,0.1/72-18:03:18,57764) /lib/svc/bin/svc.configd
(mysql,824060,698000,0.0/72-18:03:12,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,259252,67200,0.0/06:27:02,51546) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7800,3240,0.0/52-23:04:39,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,3516,2276,0.0/00:00,11222) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,1724,1036,0.0/72-18:03:12,58382) /usr/lib/utmpd
(root,210128,177096,0.0/52-23:04:38,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/72-18:03:12,58326) /usr/sbin/cron
(root,11304,3364,0.0/72-18:03:11,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/72-18:03:15,57964) /usr/lib/pfexecd
(root,2380,1472,0.0/72-18:03:12,58400) /usr/lib/saf/ttymon
(postfix,11272,5184,0.0/22:17,81415) pickup -l -t unix -u
(www,12264,5172,0.0/06:27:06,51406) /opt/local/sbin/httpd -k start
(root,8428,4528,0.0/72-18:03:12,58385) /usr/lib/inet/inetd start
(fpm,303488,3492,0.0/06:26:57,51696) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2788,1892,0.0/72-18:03:18,57750) /sbin/init
(netadm,4140,2896,0.0/72-18:03:17,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/72-18:03:18,57762) /lib/svc/bin/svc.startd
(root,2476,1536,0.0/72-18:03:04,58850) /sbin/dhcpagent

Found on 2023-09-10 10:27

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a083ca8acc

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2424,0.0/69-07:35:18,58328) /usr/sbin/auditd
(php_dev.elementare-vielfalt.de,255420,55180,0.0/02:13:30,12677) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(haproxy,36816,24656,0.0/52-15:24:12,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/69-07:35:25,57700) zsched
(root,3516,2284,0.0/00:00,1077) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(tony,8120,2116,0.0/01:08:09,7799) /usr/lib/ssh/sshd -R
(root,12640,8536,0.0/62-09:33:26,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32140,26816,0.0/69-07:35:20,58033) /usr/sbin/nscd
(root,2860,956,0.0/69-07:35:10,58862) /usr/lib/inet/in.ndpd
(redis,11180,7764,0.0/50-09:24:17,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(www,13972,6508,0.0/19:59:11,52737) /opt/local/sbin/httpd -k start
(root,8696,6032,0.0/69-07:35:18,58358) /opt/local/sbin/rsyslogd
(root,3516,1112,0.0/00:00,1109) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,7516,1840,0.0/69-07:35:18,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,303428,3792,0.0/15:11:35,69755) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3776,0.0/15:11:35,69756) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2016,1348,0.0/69-07:35:18,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5096,0.0/62-09:57:42,52953) qmgr -l -t unix -u
(postfix,11272,5144,0.0/01:14:36,98149) pickup -l -t unix -u
(www,12584,5412,0.0/19:59:11,52735) /opt/local/sbin/httpd -k start
(root,11364,4212,0.0/19:59:11,52734) /opt/local/sbin/httpd -k start
(root,2228,1400,0.0/69-07:35:18,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,257660,61064,0.0/02:04:43,24273) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303424,3456,0.0/15:11:35,69760) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,13572,12164,0.1/69-07:35:24,57764) /lib/svc/bin/svc.configd
(root,5532,2492,0.0/00:00,1112) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(mysql,823644,696852,0.0/69-07:35:18,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(fpm,303424,3492,0.0/15:11:35,69759) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(tony,3768,2244,0.0/01:08:08,7800) /usr/local/libexec/sftp-server
(root,7800,3240,0.0/49-12:36:45,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1036,0.0/69-07:35:18,58382) /usr/lib/utmpd
(root,210128,168756,0.0/49-12:36:44,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/69-07:35:18,58326) /usr/sbin/cron
(root,11304,3364,0.0/69-07:35:17,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/69-07:35:21,57964) /usr/lib/pfexecd
(root,1688,1204,0.0/00:00,1114) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,2380,1472,0.0/69-07:35:18,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/69-07:35:18,58385) /usr/lib/inet/inetd start
(root,249112,5840,0.0/15:11:35,69749) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303428,3776,0.0/15:11:35,69758) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,255608,55080,0.0/01:11:28,1163) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2788,1892,0.0/69-07:35:24,57750) /sbin/init
(netadm,4140,2896,0.0/69-07:35:23,57824) /lib/inet/ipmgmtd
(root,7708,6068,0.0/69-07:35:24,57762) /lib/svc/bin/svc.startd
(php_dev.elementare-vielfalt.de,303428,3776,0.0/15:11:35,69757) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2476,1536,0.0/69-07:35:11,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,255480,53068,0.0/01:11:27,1169) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,13436,6096,0.0/19:59:11,52736) /opt/local/sbin/httpd -k start
(root,8076,5220,0.0/01:08:09,7797) /usr/lib/ssh/sshd -R
(www,14704,7204,0.0/19:52:31,62755) /opt/local/sbin/httpd -k start
(root,303436,3892,0.0/15:11:35,69754) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-09-06 23:59

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a08058d6b4

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/65-21:04:25,58328) /usr/sbin/auditd
(php_dev.elementare-vielfalt.de,303492,3828,0.0/09:28:10,69618) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,36816,24824,0.0/49-04:53:18,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/65-21:04:31,57700) zsched
(root,1688,1204,0.0/00:00,90698) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,12640,9024,0.0/58-23:02:32,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26688,0.0/65-21:04:26,58033) /usr/sbin/nscd
(root,2860,964,0.0/65-21:04:16,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/46-22:53:23,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(www,12852,5576,0.0/09:27:49,70560) /opt/local/sbin/httpd -k start
(root,8696,6124,0.0/65-21:04:24,58358) /opt/local/sbin/rsyslogd
(php_dev.elementare-vielfalt.de,256496,50776,0.0/09:28:16,69411) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,2296,0.0/00:00,90666) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303488,3492,0.0/09:28:10,69623) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,7516,1840,0.0/65-21:04:24,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,256076,31852,0.0/09:28:16,69415) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3812,0.0/09:28:10,69621) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2016,1372,0.0/65-21:04:24,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/58-23:26:48,52953) qmgr -l -t unix -u
(www,12264,5192,0.0/09:28:16,69349) /opt/local/sbin/httpd -k start
(www,12268,5200,0.0/09:28:16,69350) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3812,0.0/09:28:10,69619) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,5532,2512,0.0/00:00,90697) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,2228,1400,0.0/65-21:04:24,58381) /usr/lib/saf/sac -t 300
(postfix,11272,5180,0.0/23:56,58628) pickup -l -t unix -u
(root,13444,12040,0.1/65-21:04:30,57764) /lib/svc/bin/svc.configd
(root,249112,5704,0.0/09:28:16,69407) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,256076,31848,0.0/09:28:16,69414) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,823268,702384,0.0/65-21:04:24,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7800,3340,0.0/46-02:05:51,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/65-21:04:24,58382) /usr/lib/utmpd
(root,210128,165984,0.0/46-02:05:50,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,303436,3932,0.0/09:28:10,69616) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2200,1460,0.0/65-21:04:25,58326) /usr/sbin/cron
(root,11304,3532,0.0/65-21:04:23,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/65-21:04:27,57964) /usr/lib/pfexecd
(www,12624,5436,0.0/09:28:16,69351) /opt/local/sbin/httpd -k start
(root,2380,1492,0.0/65-21:04:24,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/65-21:04:24,58385) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,256076,32272,0.0/09:28:16,69413) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3812,0.0/09:28:10,69620) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2788,1896,0.0/65-21:04:30,57750) /sbin/init
(netadm,4140,2896,0.0/65-21:04:29,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/65-21:04:30,57762) /lib/svc/bin/svc.startd
(fpm,303488,3528,0.0/09:28:10,69622) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2476,1560,0.0/65-21:04:17,58850) /sbin/dhcpagent
(root,3516,1120,0.0/00:00,90696) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,11364,4212,0.0/09:28:16,69348) /opt/local/sbin/httpd -k start

Found on 2023-09-03 13:28

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0ddaed378

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/62-18:41:33,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/46-02:30:27,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/62-18:41:40,57700) zsched
(daemon,7584,1704,0.0/08:53,69568) /usr/lib/ssh/sshd -R
(root,249112,5940,0.0/07:05:25,61764) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12640,9024,0.0/55-20:39:41,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26664,0.0/62-18:41:35,58033) /usr/sbin/nscd
(php_dev.elementare-vielfalt.de,258444,49452,0.0/07:05:25,61768) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12264,5240,0.0/07:05:27,61635) /opt/local/sbin/httpd -k start
(root,2860,964,0.0/62-18:41:24,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/43-20:30:32,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,3516,2296,0.0/00:00,85566) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8696,6104,0.0/62-18:41:33,58358) /opt/local/sbin/rsyslogd
(php_dev.elementare-vielfalt.de,256600,51604,0.0/07:05:25,61765) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12264,5228,0.0/07:05:27,61634) /opt/local/sbin/httpd -k start
(root,7516,1840,0.0/62-18:41:33,58482) /usr/lib/ssh/sshd
(root,5532,2512,0.0/00:00,85597) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,13576,6296,0.0/07:00:46,68027) /opt/local/sbin/httpd -k start
(root,7576,4632,0.0/08:53,69567) /usr/lib/ssh/sshd -R
(root,2016,1372,0.0/62-18:41:33,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(php_dev.elementare-vielfalt.de,258228,35236,0.0/07:05:25,61766) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3516,1120,0.0/00:00,85596) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11400,5336,0.0/55-21:03:57,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3828,0.0/07:05:22,61831) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3812,0.0/07:05:22,61832) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303488,3492,0.0/07:05:22,61836) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,303436,3932,0.0/07:05:22,61830) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2228,1400,0.0/62-18:41:33,58381) /usr/lib/saf/sac -t 300
(root,11364,4244,0.0/07:05:27,61633) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3812,0.0/07:05:22,61834) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,13316,11912,0.1/62-18:41:39,57764) /lib/svc/bin/svc.configd
(mysql,818648,697584,0.0/62-18:41:33,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,258228,37232,0.0/07:05:25,61767) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7800,3340,0.0/42-23:43:00,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/62-18:41:33,58382) /usr/lib/utmpd
(root,210128,165976,0.0/42-23:42:59,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/62-18:41:33,58326) /usr/sbin/cron
(postfix,11272,5180,0.0/01:01:07,90600) pickup -l -t unix -u
(root,11304,3532,0.0/62-18:41:32,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/62-18:41:36,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/62-18:41:33,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/62-18:41:33,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/62-18:41:39,57750) /sbin/init
(fpm,303488,3528,0.0/07:05:22,61835) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(netadm,4140,2896,0.0/62-18:41:37,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/62-18:41:39,57762) /lib/svc/bin/svc.startd
(php_dev.elementare-vielfalt.de,303492,3812,0.0/07:05:22,61833) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2476,1560,0.0/62-18:41:25,58850) /sbin/dhcpagent
(root,1688,1204,0.0/00:00,85598) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(www,12856,5812,0.0/07:05:27,61636) /opt/local/sbin/httpd -k start

Found on 2023-08-31 11:05

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a05d92769d

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/61-07:47:38,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/44-15:36:31,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(postfix,11552,5836,0.0/01:33,59279) trivial-rewrite -n rewrite -t unix -u
(root,0,0,0.0/61-07:47:44,57700) zsched
(root,1688,1204,0.0/00:00,60248) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,11364,4216,0.0/20:11:30,59804) /opt/local/sbin/httpd -k start
(root,12640,9024,0.0/54-09:45:45,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26660,0.0/61-07:47:40,58033) /usr/sbin/nscd
(root,2860,964,0.0/61-07:47:29,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/42-09:36:36,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(postfix,11308,5344,0.0/01:33,59315) bounce -z -t unix -u
(root,3516,2296,0.0/00:00,60216) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11268,5204,0.0/01:33,59267) proxymap -t unix -u
(root,8696,6100,0.0/61-07:47:38,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/61-07:47:37,58482) /usr/lib/ssh/sshd
(fpm,303488,3468,0.0/20:11:23,60142) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(fpm,303488,3504,0.0/20:11:23,60141) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2016,1372,0.0/61-07:47:37,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(php_dev.elementare-vielfalt.de,258288,34540,0.0/09:34:52,46022) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11400,5336,0.0/54-10:10:02,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3788,0.0/20:11:23,60139) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,13504,7700,0.0/01:33,59260) smtpd -n smtp -t inet -u -s 2
(php_dev.elementare-vielfalt.de,303492,3788,0.0/20:11:23,60138) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3788,0.0/20:11:23,60140) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2228,1400,0.0/61-07:47:38,58381) /usr/lib/saf/sac -t 300
(www,14180,6728,0.0/20:06:02,70703) /opt/local/sbin/httpd -k start
(postfix,11272,5180,0.0/01:07:15,60590) pickup -l -t unix -u
(root,13252,11848,0.1/61-07:47:43,57764) /lib/svc/bin/svc.configd
(mysql,818648,697584,0.0/61-07:47:38,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,258544,47188,0.0/09:47:03,28099) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,249112,6068,0.0/20:11:29,59865) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7800,3340,0.0/41-12:49:04,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/61-07:47:38,58382) /usr/lib/utmpd
(root,210128,165976,0.0/41-12:49:03,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/61-07:47:38,58326) /usr/sbin/cron
(root,11304,3532,0.0/61-07:47:37,58655) /opt/local/libexec/postfix/master -w
(root,3516,1120,0.0/00:00,60246) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2632,1808,0.0/61-07:47:40,57964) /usr/lib/pfexecd
(postfix,12596,6812,0.0/01:33,59289) cleanup -z -t unix -u
(php_dev.elementare-vielfalt.de,258288,34540,0.0/08:10:03,70579) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2380,1492,0.0/61-07:47:38,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/61-07:47:38,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/61-07:47:43,57750) /sbin/init
(php_dev.elementare-vielfalt.de,303492,3804,0.0/20:11:23,60137) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11656,5864,0.0/01:33,59298) smtp -t unix -u
(netadm,4140,2896,0.0/61-07:47:42,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/61-07:47:43,57762) /lib/svc/bin/svc.startd
(www,13808,6416,0.0/20:11:30,59807) /opt/local/sbin/httpd -k start
(root,2476,1560,0.0/61-07:47:30,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,258288,34544,0.0/09:25:03,61193) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12692,5596,0.0/20:11:30,59806) /opt/local/sbin/httpd -k start
(root,5532,2512,0.0/00:00,60247) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,12352,5300,0.0/20:11:30,59805) /opt/local/sbin/httpd -k start
(root,303436,3908,0.0/20:11:23,60135) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-08-30 00:11

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a080972d93

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/60-04:01:32,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/43-11:50:25,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/60-04:01:38,57700) zsched
(root,11364,4228,0.0/16:25:23,64378) /opt/local/sbin/httpd -k start
(root,12640,9024,0.0/53-05:59:39,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26652,0.0/60-04:01:34,58033) /usr/sbin/nscd
(root,1688,1204,0.0/00:00,71180) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,2860,964,0.0/60-04:01:23,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/41-05:50:30,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(fpm,303488,3552,0.0/16:25:15,64646) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3516,2296,0.0/00:00,71148) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8696,6096,0.0/60-04:01:32,58358) /opt/local/sbin/rsyslogd
(www,12352,5244,0.0/16:25:23,64380) /opt/local/sbin/httpd -k start
(root,7516,1840,0.0/60-04:01:31,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,256440,41132,0.0/16:25:21,64471) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1372,0.0/60-04:01:31,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(php_dev.elementare-vielfalt.de,303492,3836,0.0/16:25:15,64642) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(postfix,11400,5336,0.0/53-06:23:56,52953) qmgr -l -t unix -u
(postfix,11272,5180,0.0/01:16,65723) pickup -l -t unix -u
(root,249112,5932,0.0/16:25:21,64461) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/60-04:01:32,58381) /usr/lib/saf/sac -t 300
(root,5532,2512,0.0/00:00,71179) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,13188,11784,0.1/60-04:01:37,57764) /lib/svc/bin/svc.configd
(mysql,818360,697356,0.0/60-04:01:32,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303492,3836,0.0/16:25:15,64645) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12352,5248,0.0/16:25:23,64381) /opt/local/sbin/httpd -k start
(root,7800,3340,0.0/40-09:02:58,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/60-04:01:32,58382) /usr/lib/utmpd
(root,210128,165976,0.0/40-09:02:57,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(www,12488,5348,0.0/16:25:23,64382) /opt/local/sbin/httpd -k start
(root,2200,1460,0.0/60-04:01:32,58326) /usr/sbin/cron
(root,11304,3532,0.0/60-04:01:31,58655) /opt/local/libexec/postfix/master -w
(fpm,303488,3516,0.0/16:25:15,64647) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2632,1808,0.0/60-04:01:34,57964) /usr/lib/pfexecd
(php_dev.elementare-vielfalt.de,256208,33300,0.0/16:25:21,64470) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2380,1492,0.0/60-04:01:31,58400) /usr/lib/saf/ttymon
(php_dev.elementare-vielfalt.de,256208,33776,0.0/16:25:21,64469) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3836,0.0/16:25:15,64644) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3516,1120,0.0/00:00,71178) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8428,4528,0.0/60-04:01:32,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/60-04:01:37,57750) /sbin/init
(netadm,4140,2896,0.0/60-04:01:36,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/60-04:01:37,57762) /lib/svc/bin/svc.startd
(root,2476,1560,0.0/60-04:01:24,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,257180,63820,0.0/16:25:21,64468) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3852,0.0/16:25:15,64641) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,13612,6100,0.0/16:23:57,66883) /opt/local/sbin/httpd -k start
(root,303436,3960,0.0/16:25:15,64640) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-08-28 20:25

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0b265aa1c

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/59-02:58:15,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/42-10:47:08,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/59-02:58:21,57700) zsched
(php_dev.elementare-vielfalt.de,303492,3812,0.0/15:22:00,15512) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,256208,33396,0.0/15:22:04,15312) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12488,5340,0.0/15:22:06,15223) /opt/local/sbin/httpd -k start
(root,12640,9024,0.0/52-04:56:22,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26644,0.0/59-02:58:16,58033) /usr/sbin/nscd
(root,3516,2296,0.0/00:00,86391) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,249112,5936,0.0/15:22:04,15301) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,964,0.0/59-02:58:06,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/40-04:47:13,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8696,6088,0.0/59-02:58:14,58358) /opt/local/sbin/rsyslogd
(root,11364,4192,0.0/15:22:06,15220) /opt/local/sbin/httpd -k start
(www,12376,5268,0.0/15:22:06,15222) /opt/local/sbin/httpd -k start
(www,12264,5164,0.0/15:22:06,15221) /opt/local/sbin/httpd -k start
(root,7516,1840,0.0/59-02:58:14,58482) /usr/lib/ssh/sshd
(www,13612,6088,0.0/15:15:28,24919) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,257180,64752,0.0/15:22:04,15309) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1372,0.0/59-02:58:14,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/52-05:20:38,52953) qmgr -l -t unix -u
(root,5532,2512,0.0/00:00,86422) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,3516,1120,0.0/00:00,86421) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,256336,38044,0.0/15:22:04,15310) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/59-02:58:14,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,303492,3812,0.0/15:22:00,15513) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,13188,11784,0.1/59-02:58:20,57764) /lib/svc/bin/svc.configd
(mysql,818360,697356,0.0/59-02:58:14,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7800,3340,0.0/39-07:59:41,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/59-02:58:14,58382) /usr/lib/utmpd
(root,210128,165976,0.0/39-07:59:40,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,7448,4452,0.0/00:34,85804) /usr/lib/ssh/sshd -R
(root,2200,1460,0.0/59-02:58:15,58326) /usr/sbin/cron
(root,11304,3532,0.0/59-02:58:13,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/59-02:58:17,57964) /usr/lib/pfexecd
(php_dev.elementare-vielfalt.de,256208,33392,0.0/15:22:04,15311) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2380,1492,0.0/59-02:58:14,58400) /usr/lib/saf/ttymon
(root,1688,1204,0.0/00:00,86423) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,8428,4528,0.0/59-02:58:14,58385) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,303492,3812,0.0/15:22:00,15514) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2788,1896,0.0/59-02:58:20,57750) /sbin/init
(postfix,11272,5180,0.0/01:38:04,39798) pickup -l -t unix -u
(netadm,4140,2896,0.0/59-02:58:19,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/59-02:58:20,57762) /lib/svc/bin/svc.startd
(root,303436,3932,0.0/15:22:00,15510) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(fpm,303488,3528,0.0/15:22:00,15515) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2476,1560,0.0/59-02:58:07,58850) /sbin/dhcpagent
(fpm,303488,3492,0.0/15:22:00,15516) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303492,3828,0.0/15:22:00,15511) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-08-27 19:22

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a083bd5ef5

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/57-20:07:52,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/41-03:56:45,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/57-20:07:58,57700) zsched
(root,303436,3764,0.0/08:31:39,49246) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(fpm,303488,3268,0.0/08:31:39,49253) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303492,3544,0.0/08:31:39,49250) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,12640,9024,0.0/50-22:05:59,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26636,0.0/57-20:07:54,58033) /usr/sbin/nscd
(php_dev.elementare-vielfalt.de,256208,33736,0.0/08:31:45,49022) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,22103) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,303492,3560,0.0/08:31:39,49247) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2860,964,0.0/57-20:07:43,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/38-21:56:50,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,3516,2296,0.0/00:00,22070) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8696,6084,0.0/57-20:07:52,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/57-20:07:51,58482) /usr/lib/ssh/sshd
(root,3516,1120,0.0/00:00,22100) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11272,5180,0.0/47:45,46525) pickup -l -t unix -u
(root,249112,5892,0.0/08:31:45,49018) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1372,0.0/57-20:07:52,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/50-22:30:16,52953) qmgr -l -t unix -u
(www,12488,5332,0.0/08:31:44,49041) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,256208,33732,0.0/08:31:45,49021) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/57-20:07:52,58381) /usr/lib/saf/sac -t 300
(www,12872,5600,0.0/08:28:17,53941) /opt/local/sbin/httpd -k start
(root,13124,11720,0.1/57-20:07:57,57764) /lib/svc/bin/svc.configd
(root,5532,2512,0.0/00:00,22102) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(php_dev.elementare-vielfalt.de,303492,3544,0.0/08:31:39,49249) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(mysql,818376,697372,0.0/57-20:07:52,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,256336,38300,0.0/08:31:45,49020) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303488,3304,0.0/08:31:39,49252) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12048,4088,0.0/08:31:44,49038) /opt/local/sbin/httpd -k start
(root,7800,3340,0.0/38-01:09:19,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/57-20:07:52,58382) /usr/lib/utmpd
(root,210128,165976,0.0/38-01:09:17,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/57-20:07:52,58326) /usr/sbin/cron
(root,11304,3532,0.0/57-20:07:51,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/57-20:07:54,57964) /usr/lib/pfexecd
(www,12352,5228,0.0/08:31:44,49040) /opt/local/sbin/httpd -k start
(root,2380,1492,0.0/57-20:07:52,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/57-20:07:52,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/57-20:07:58,57750) /sbin/init
(php_dev.elementare-vielfalt.de,303492,3544,0.0/08:31:39,49251) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(netadm,4140,2896,0.0/57-20:07:56,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/57-20:07:57,57762) /lib/svc/bin/svc.startd
(root,11364,4192,0.0/08:31:44,49034) /opt/local/sbin/httpd -k start
(root,2476,1560,0.0/57-20:07:44,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,257180,64624,0.0/08:31:45,49019) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2023-08-26 12:31

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0b9b3c5fc

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/56-13:27:25,58328) /usr/sbin/auditd
(root,3516,1120,0.0/00:00,50361) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(haproxy,36816,24824,0.0/39-21:16:19,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/56-13:27:32,57700) zsched
(php_dev.elementare-vielfalt.de,303468,3824,0.0/01:51:15,88607) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,256076,32592,0.0/01:51:18,88474) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303464,3504,0.0/01:51:15,88610) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,256076,33012,0.0/01:51:18,88472) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303476,3952,0.0/01:51:15,88604) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,12640,9024,0.0/49-15:25:33,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26620,0.0/56-13:27:27,58033) /usr/sbin/nscd
(root,2860,964,0.0/56-13:27:16,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/37-15:16:24,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(www,12048,4120,0.0/01:51:19,88451) /opt/local/sbin/httpd -k start
(root,5532,2512,0.0/00:00,50362) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,8696,6080,0.0/56-13:27:25,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/56-13:27:25,58482) /usr/lib/ssh/sshd
(root,2016,1372,0.0/56-13:27:25,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/49-15:49:49,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303468,3840,0.0/01:51:15,88605) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,50363) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,2228,1400,0.0/56-13:27:25,58381) /usr/lib/saf/sac -t 300
(root,3516,2296,0.0/00:00,50331) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,249112,5632,0.0/01:51:18,88470) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,13060,11656,0.1/56-13:27:31,57764) /lib/svc/bin/svc.configd
(php_dev.elementare-vielfalt.de,303468,3824,0.0/01:51:15,88606) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(fpm,303464,3540,0.0/01:51:15,88609) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(mysql,818376,697372,0.0/56-13:27:25,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(www,12380,5276,0.0/01:45:51,98726) /opt/local/sbin/httpd -k start
(www,12352,5240,0.0/01:51:19,88454) /opt/local/sbin/httpd -k start
(www,12264,5172,0.0/01:51:19,88453) /opt/local/sbin/httpd -k start
(root,7800,3340,0.0/36-18:28:52,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/56-13:27:25,58382) /usr/lib/utmpd
(php_dev.elementare-vielfalt.de,256012,32580,0.0/01:51:18,88473) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,210128,165976,0.0/36-18:28:51,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/56-13:27:25,58326) /usr/sbin/cron
(php_dev.elementare-vielfalt.de,303468,3824,0.0/01:51:15,88608) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,11304,3532,0.0/56-13:27:24,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/56-13:27:28,57964) /usr/lib/pfexecd
(root,11364,4216,0.0/01:51:19,88446) /opt/local/sbin/httpd -k start
(root,2380,1492,0.0/56-13:27:25,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/56-13:27:25,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/56-13:27:31,57750) /sbin/init
(netadm,4140,2896,0.0/56-13:27:30,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/56-13:27:31,57762) /lib/svc/bin/svc.startd
(root,2476,1560,0.0/56-13:27:17,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,256432,50112,0.0/01:51:18,88471) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5180,0.0/07:20,36927) pickup -l -t unix -u

Found on 2023-08-25 05:51

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0452bac23

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(php_dev.elementare-vielfalt.de,303492,3852,0.0/02:07:51,4788) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3368,2432,0.0/55-13:44:04,58328) /usr/sbin/auditd
(postfix,12596,6812,0.0/01:35,80961) cleanup -z -t unix -u
(haproxy,36816,24824,0.0/38-21:32:57,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/55-13:44:11,57700) zsched
(www,12264,5196,0.0/02:07:57,4632) /opt/local/sbin/httpd -k start
(root,12640,9024,0.0/48-15:42:12,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26608,0.0/55-13:44:06,58033) /usr/sbin/nscd
(postfix,11268,5204,0.0/01:35,80958) proxymap -t unix -u
(php_dev.elementare-vielfalt.de,254028,31192,0.0/02:07:55,4673) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,964,0.0/55-13:43:55,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/36-15:33:03,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(php_dev.elementare-vielfalt.de,256076,33604,0.0/02:07:55,4672) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12376,5276,0.0/02:07:57,4633) /opt/local/sbin/httpd -k start
(root,8696,6080,0.0/55-13:44:04,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/55-13:44:04,58482) /usr/lib/ssh/sshd
(root,3516,2296,0.0/00:00,82068) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,249112,5872,0.0/02:07:55,4670) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,82100) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,256496,50704,0.0/02:07:55,4671) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1372,0.0/55-13:44:04,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,13504,7732,0.0/01:35,80957) smtpd -n smtp -t inet -u -s 2
(postfix,11400,5336,0.0/48-16:06:28,52953) qmgr -l -t unix -u
(postfix,11272,5180,0.0/01:24:02,62521) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3868,0.0/02:07:51,4787) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,303436,3980,0.0/02:07:51,4786) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,11364,4220,0.0/02:07:57,4630) /opt/local/sbin/httpd -k start
(root,2228,1400,0.0/55-13:44:04,58381) /usr/lib/saf/sac -t 300
(root,13060,11656,0.1/55-13:44:09,57764) /lib/svc/bin/svc.configd
(php_dev.elementare-vielfalt.de,303492,3852,0.0/02:07:51,4790) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(mysql,818376,697372,0.0/55-13:44:04,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,5532,2512,0.0/00:00,82099) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(postfix,11308,5344,0.0/01:35,80963) bounce -z -t unix -u
(php_dev.elementare-vielfalt.de,303492,3852,0.0/02:07:51,4789) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7800,3340,0.0/35-18:45:31,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/55-13:44:04,58382) /usr/lib/utmpd
(www,12048,4120,0.0/02:07:57,4631) /opt/local/sbin/httpd -k start
(root,210128,165976,0.0/35-18:45:30,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(postfix,11656,5896,0.0/01:35,80962) smtp -t unix -u
(root,2200,1460,0.0/55-13:44:04,58326) /usr/sbin/cron
(root,11304,3532,0.0/55-13:44:03,58655) /opt/local/libexec/postfix/master -w
(fpm,303488,3568,0.0/02:07:51,4791) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12376,5276,0.0/02:01:29,13514) /opt/local/sbin/httpd -k start
(root,2632,1808,0.0/55-13:44:07,57964) /usr/lib/pfexecd
(fpm,303488,3532,0.0/02:07:51,4792) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2380,1492,0.0/55-13:44:04,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/55-13:44:04,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/55-13:44:10,57750) /sbin/init
(netadm,4140,2896,0.0/55-13:44:08,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/55-13:44:09,57762) /lib/svc/bin/svc.startd
(root,3516,1120,0.0/00:00,82098) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11552,5836,0.0/01:35,80960) trivial-rewrite -n rewrite -t unix -u
(root,2476,1560,0.0/55-13:43:56,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,256076,33132,0.0/02:07:55,4674) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2023-08-24 06:07

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0fb97d0d1

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/54-07:26:05,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/37-15:14:58,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/54-07:26:11,57700) zsched
(php_dev.elementare-vielfalt.de,303492,3828,0.0/19:49:48,96548) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12356,5280,0.0/19:49:57,95531) /opt/local/sbin/httpd -k start
(root,5532,2512,0.0/00:00,3661) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,12640,9024,0.0/47-09:24:12,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26600,0.0/54-07:26:06,58033) /usr/sbin/nscd
(root,3516,1120,0.0/00:00,3659) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(fpm,303488,3544,0.0/19:49:48,96549) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2860,964,0.0/54-07:25:56,58862) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,256204,33356,0.0/03:20:15,18223) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(redis,11180,7876,0.0/35-09:15:03,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(www,14124,6640,0.0/19:49:18,97440) /opt/local/sbin/httpd -k start
(root,8696,6080,0.0/54-07:26:05,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/54-07:26:04,58482) /usr/lib/ssh/sshd
(root,303436,3952,0.0/19:49:48,96544) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3516,2296,0.0/00:00,3568) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,13228,5960,0.0/19:49:57,95532) /opt/local/sbin/httpd -k start
(www,12264,5204,0.0/19:49:57,95530) /opt/local/sbin/httpd -k start
(root,2016,1372,0.0/54-07:26:04,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/47-09:48:29,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3828,0.0/19:49:48,96547) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2228,1400,0.0/54-07:26:04,58381) /usr/lib/saf/sac -t 300
(root,249112,5748,0.0/19:49:54,95796) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12996,11592,0.1/54-07:26:10,57764) /lib/svc/bin/svc.configd
(mysql,818376,697372,0.0/54-07:26:04,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,1688,1204,0.0/00:00,3662) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,256204,33356,0.0/03:30:19,4545) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,7800,3340,0.0/34-12:27:31,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/54-07:26:04,58382) /usr/lib/utmpd
(root,11364,4220,0.0/19:49:57,95528) /opt/local/sbin/httpd -k start
(root,210128,165976,0.0/34-12:27:30,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(fpm,303488,3508,0.0/19:49:48,96550) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2200,1460,0.0/54-07:26:05,58326) /usr/sbin/cron
(root,11304,3532,0.0/54-07:26:03,58655) /opt/local/libexec/postfix/master -w
(php_dev.elementare-vielfalt.de,256204,33356,0.0/03:41:17,85960) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2632,1808,0.0/54-07:26:07,57964) /usr/lib/pfexecd
(php_dev.elementare-vielfalt.de,303492,3844,0.0/19:49:48,96545) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2380,1492,0.0/54-07:26:04,58400) /usr/lib/saf/ttymon
(postfix,11272,5180,0.0/01:06:08,4613) pickup -l -t unix -u
(root,8428,4528,0.0/54-07:26:04,58385) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,256204,33452,0.0/03:09:19,33600) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2788,1896,0.0/54-07:26:10,57750) /sbin/init
(netadm,4140,2896,0.0/54-07:26:09,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/54-07:26:10,57762) /lib/svc/bin/svc.startd
(root,2476,1560,0.0/54-07:25:57,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303492,3828,0.0/19:49:48,96546) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-08-22 23:49

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a006e6c9c1

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/52-15:13:42,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/35-23:02:35,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/52-15:13:48,57700) zsched
(daemon,7584,1688,0.0/06:54,67315) /usr/lib/ssh/sshd -R
(root,7576,4636,0.0/05:43,67907) /usr/lib/ssh/sshd -R
(fpm,303488,3544,0.0/03:37:26,50399) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12048,4120,0.0/03:37:35,49473) /opt/local/sbin/httpd -k start
(root,12640,9024,0.0/45-17:11:49,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26580,0.0/52-15:13:44,58033) /usr/sbin/nscd
(root,303436,3956,0.0/03:37:26,50390) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,1688,1204,0.0/00:00,75624) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,7448,4464,0.0/07:27,66196) /usr/lib/ssh/sshd -R
(root,249112,5708,0.0/03:37:33,49655) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,964,0.0/52-15:13:33,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/33-17:02:40,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,3516,1120,0.0/00:00,75622) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8696,6080,0.0/52-15:13:42,58358) /opt/local/sbin/rsyslogd
(root,7448,4464,0.0/06:30,67513) /usr/lib/ssh/sshd -R
(root,7576,4636,0.0/06:54,67314) /usr/lib/ssh/sshd -R
(root,7516,1840,0.0/52-15:13:42,58482) /usr/lib/ssh/sshd
(www,12404,5312,0.0/03:37:35,49475) /opt/local/sbin/httpd -k start
(postfix,11272,5180,0.0/53:52,94962) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,256076,33264,0.0/03:37:32,49695) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12048,4124,0.0/03:37:35,49474) /opt/local/sbin/httpd -k start
(root,3516,2296,0.0/00:00,75592) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2016,1372,0.0/52-15:13:42,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/45-17:36:06,52953) qmgr -l -t unix -u
(daemon,7584,1700,0.0/05:43,67908) /usr/lib/ssh/sshd -R
(fpm,303488,3508,0.0/03:37:26,50400) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,256076,32844,0.0/03:37:32,49698) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/52-15:13:42,58381) /usr/lib/saf/sac -t 300
(root,5532,2512,0.0/00:00,75623) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,11364,4212,0.0/03:37:35,49472) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3828,0.0/03:37:26,50394) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12488,5340,0.0/03:33:08,54844) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,256076,32856,0.0/03:37:32,49696) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12932,11528,0.1/52-15:13:47,57764) /lib/svc/bin/svc.configd
(mysql,818376,697336,0.0/52-15:13:42,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303492,3844,0.0/03:37:26,50393) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7800,3340,0.0/32-20:15:09,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/52-15:13:42,58382) /usr/lib/utmpd
(root,210128,165976,0.0/32-20:15:07,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(daemon,7584,1700,0.0/06:42,67372) /usr/lib/ssh/sshd -R
(root,2200,1460,0.0/52-15:13:42,58326) /usr/sbin/cron
(root,11304,3532,0.0/52-15:13:41,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/52-15:13:44,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/52-15:13:42,58400) /usr/lib/saf/ttymon
(php_dev.elementare-vielfalt.de,303492,3828,0.0/03:37:26,50395) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,8428,4528,0.0/52-15:13:42,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/52-15:13:48,57750) /sbin/init
(php_dev.elementare-vielfalt.de,256496,50356,0.0/03:37:32,49691) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(netadm,4140,2896,0.0/52-15:13:46,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/52-15:13:47,57762) /lib/svc/bin/svc.startd
(root,7576,4636,0.0/06:42,67371) /usr/lib/ssh/sshd -R
(root,2476,1560,0.0/52-15:13:34,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,303492,3828,0.0/03:37:26,50398) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-08-21 07:37

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0f5b901c5

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,5460,2476,0.0/00:00,7817) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,3368,2432,0.0/50-19:51:56,58328) /usr/sbin/auditd
(fpm,303488,3508,0.0/08:15:44,53253) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(haproxy,36816,24824,0.0/34-03:40:50,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/50-19:52:03,57700) zsched
(php_dev.elementare-vielfalt.de,303492,3828,0.0/08:15:44,53251) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3516,1120,0.0/00:00,7816) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,12640,9024,0.0/43-21:50:04,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,32040,26568,0.0/50-19:51:58,58033) /usr/sbin/nscd
(root,2860,964,0.0/50-19:51:47,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/31-21:40:55,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,3516,2296,0.0/00:00,7786) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8632,6076,0.0/50-19:51:56,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/50-19:51:56,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,256760,51532,0.0/08:15:47,52902) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3844,0.0/08:15:44,53248) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12376,5272,0.0/08:15:49,52726) /opt/local/sbin/httpd -k start
(www,12048,4120,0.0/08:15:49,52725) /opt/local/sbin/httpd -k start
(root,2016,1372,0.0/50-19:51:56,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/43-22:14:20,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3828,0.0/08:15:44,53249) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,7818) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,11364,4216,0.0/08:15:49,52724) /opt/local/sbin/httpd -k start
(root,2228,1400,0.0/50-19:51:56,58381) /usr/lib/saf/sac -t 300
(www,12268,5216,0.0/08:15:49,52727) /opt/local/sbin/httpd -k start
(fpm,303488,3544,0.0/08:15:44,53252) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,12868,11464,0.1/50-19:52:02,57764) /lib/svc/bin/svc.configd
(root,249112,5928,0.0/08:15:47,52895) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303436,3952,0.0/08:15:44,53247) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(mysql,818376,697336,0.0/50-19:51:56,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(postfix,11272,5180,0.0/52:12,21844) pickup -l -t unix -u
(root,7800,3340,0.0/31-00:53:23,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/50-19:51:56,58382) /usr/lib/utmpd
(root,210128,165976,0.0/31-00:53:22,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(www,13136,5776,0.0/08:15:11,54676) /opt/local/sbin/httpd -k start
(root,2200,1460,0.0/50-19:51:56,58326) /usr/sbin/cron
(root,11304,3532,0.0/50-19:51:55,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/50-19:51:59,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/50-19:51:56,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/50-19:51:56,58385) /usr/lib/inet/inetd start
(php_dev.elementare-vielfalt.de,256312,33984,0.0/08:15:47,52898) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2788,1896,0.0/50-19:52:02,57750) /sbin/init
(php_dev.elementare-vielfalt.de,256208,33392,0.0/08:15:47,52903) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(netadm,4140,2896,0.0/50-19:52:00,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/50-19:52:02,57762) /lib/svc/bin/svc.startd
(php_dev.elementare-vielfalt.de,256860,55420,0.0/08:15:47,52897) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3828,0.0/08:15:44,53250) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2476,1560,0.0/50-19:51:48,58850) /sbin/dhcpagent

Found on 2023-08-19 12:15

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0eacf7be8

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/49-19:08:25,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/33-02:57:18,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/49-19:08:31,57700) zsched
(root,12640,9024,0.0/42-21:06:32,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,31008,26544,0.0/49-19:08:27,58033) /usr/sbin/nscd
(php_dev.elementare-vielfalt.de,303428,3560,0.0/04:06:35,96602) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2860,964,0.0/49-19:08:16,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/30-20:57:23,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,5532,2512,0.0/00:00,72622) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(fpm,303424,3320,0.0/04:06:35,96605) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3516,2296,0.0/00:00,72589) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,8632,6072,0.0/49-19:08:25,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/49-19:08:24,58482) /usr/lib/ssh/sshd
(php_dev.elementare-vielfalt.de,254832,40604,0.0/48:16,99818) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,254640,36148,0.0/58:41,85786) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,11364,4220,0.0/07:32:17,82888) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303428,3576,0.0/04:06:35,96601) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2016,1372,0.0/49-19:08:24,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,249112,5696,0.0/04:06:35,96594) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11400,5336,0.0/42-21:30:49,52953) qmgr -l -t unix -u
(postfix,11272,5196,0.0/01:08:41,71036) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,303428,3564,0.0/04:06:35,96604) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3516,1120,0.0/00:00,72621) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,2228,1400,0.0/49-19:08:25,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,303428,3560,0.0/04:06:35,96603) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,12804,11400,0.1/49-19:08:30,57764) /lib/svc/bin/svc.configd
(fpm,303424,3284,0.0/04:06:35,96606) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,252512,36420,0.0/28:14,30272) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,303436,3768,0.0/04:06:35,96600) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,14456,6952,0.0/07:28:39,87248) /opt/local/sbin/httpd -k start
(mysql,818376,697320,0.0/49-19:08:25,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7800,3340,0.0/30-00:09:51,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/49-19:08:25,58382) /usr/lib/utmpd
(root,210128,165976,0.0/30-00:09:50,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/49-19:08:25,58326) /usr/sbin/cron
(root,11304,3532,0.0/49-19:08:24,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/49-19:08:27,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/49-19:08:24,58400) /usr/lib/saf/ttymon
(root,1688,1204,0.0/00:00,72623) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(www,12352,5240,0.0/07:32:17,82892) /opt/local/sbin/httpd -k start
(root,8428,4528,0.0/49-19:08:25,58385) /usr/lib/inet/inetd start
(www,13904,6444,0.0/07:32:17,82896) /opt/local/sbin/httpd -k start
(root,2788,1896,0.0/49-19:08:30,57750) /sbin/init
(netadm,4140,2896,0.0/49-19:08:29,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/49-19:08:30,57762) /lib/svc/bin/svc.startd
(www,13540,6168,0.0/07:32:17,82893) /opt/local/sbin/httpd -k start
(root,2476,1560,0.0/49-19:08:17,58850) /sbin/dhcpagent
(php_dev.elementare-vielfalt.de,252656,38492,0.0/58:57,85745) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf

Found on 2023-08-18 11:32

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0fa39031c

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,249112,5952,0.0/07:09:24,37639) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,3368,2432,0.0/48-18:45:33,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/32-02:34:26,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/48-18:45:40,57700) zsched
(php_dev.elementare-vielfalt.de,256076,33140,0.0/07:09:24,37644) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12640,9024,0.0/41-20:43:41,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,31008,26528,0.0/48-18:45:35,58033) /usr/sbin/nscd
(php_dev.elementare-vielfalt.de,303492,3844,0.0/07:09:19,38168) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12600,5464,0.0/07:09:25,37505) /opt/local/sbin/httpd -k start
(root,2860,964,0.0/48-18:45:24,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/29-20:34:32,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8632,6060,0.0/48-18:45:33,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/48-18:45:33,58482) /usr/lib/ssh/sshd
(root,3516,2296,0.0/00:00,72799) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303492,3828,0.0/07:09:19,38171) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7596,4772,0.0/00:01,72629) /usr/lib/ssh/sshd -R
(root,2016,1372,0.0/48-18:45:33,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/41-21:07:57,52953) qmgr -l -t unix -u
(daemon,7616,1904,0.0/00:01,72630) /usr/lib/ssh/sshd -R
(root,5532,2512,0.0/00:00,72830) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,3516,1120,0.0/00:00,72829) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(www,12048,4136,0.0/07:09:25,37503) /opt/local/sbin/httpd -k start
(root,303436,3952,0.0/07:09:19,38167) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2228,1400,0.0/48-18:45:33,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,256496,50672,0.0/07:09:24,37643) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12804,11392,0.1/48-18:45:38,57764) /lib/svc/bin/svc.configd
(mysql,815172,692852,0.0/48-18:45:33,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(postfix,11272,5180,0.0/05:51,64284) pickup -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3828,0.0/07:09:19,38170) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7800,3340,0.0/28-23:47:00,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/48-18:45:33,58382) /usr/lib/utmpd
(root,210128,165976,0.0/28-23:46:59,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/48-18:45:33,58326) /usr/sbin/cron
(root,11304,3532,0.0/48-18:45:32,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/48-18:45:36,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/48-18:45:33,58400) /usr/lib/saf/ttymon
(root,1688,1204,0.0/00:00,72831) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(php_dev.elementare-vielfalt.de,256076,32644,0.0/07:09:24,37646) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,8428,4528,0.0/48-18:45:33,58385) /usr/lib/inet/inetd start
(fpm,303488,3508,0.0/07:09:19,38173) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(www,12584,5508,0.0/07:09:25,37504) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3828,0.0/07:09:19,38169) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2788,1896,0.0/48-18:45:39,57750) /sbin/init
(root,11364,4220,0.0/07:09:25,37502) /opt/local/sbin/httpd -k start
(netadm,4140,2896,0.0/48-18:45:37,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/48-18:45:38,57762) /lib/svc/bin/svc.startd
(www,12956,5756,0.0/07:03:43,46694) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,256076,32660,0.0/07:09:24,37645) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303488,3544,0.0/07:09:19,38172) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2476,1560,0.0/48-18:45:25,58850) /sbin/dhcpagent

Found on 2023-08-17 11:09

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0a2d01029

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(www,14108,6648,0.0/06:36:21,68518) /opt/local/sbin/httpd -k start
(root,3368,2432,0.0/47-18:13:07,58328) /usr/sbin/auditd
(fpm,303488,3508,0.0/06:36:53,67322) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(haproxy,36816,24824,0.0/31-02:02:00,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/47-18:13:13,57700) zsched
(www,12400,5360,0.0/06:37:00,66448) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3828,0.0/06:36:53,67318) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,12640,9024,0.0/40-20:11:14,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,31008,26508,0.0/47-18:13:08,58033) /usr/sbin/nscd
(root,303436,3952,0.0/06:36:53,67304) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2860,964,0.0/47-18:12:58,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/28-20:02:05,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8632,6056,0.0/47-18:13:07,58358) /opt/local/sbin/rsyslogd
(root,3516,1120,0.0/00:00,44251) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,5532,2512,0.0/00:00,44252) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,7516,1840,0.0/47-18:13:06,58482) /usr/lib/ssh/sshd
(fpm,303488,3544,0.0/06:36:53,67319) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2016,1372,0.0/47-18:13:06,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,1688,1204,0.0/00:00,44253) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(postfix,11400,5336,0.0/40-20:35:31,52953) qmgr -l -t unix -u
(root,11364,4224,0.0/06:37:00,66446) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,303492,3828,0.0/06:36:53,67317) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,286564,92468,0.0/06:36:57,66771) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11272,5180,0.0/33:31,93065) pickup -l -t unix -u
(root,2228,1400,0.0/47-18:13:06,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,303492,3844,0.0/06:36:53,67312) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3516,2304,0.0/00:00,44220) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303492,3828,0.0/06:36:53,67314) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,12740,11336,0.1/47-18:13:12,57764) /lib/svc/bin/svc.configd
(php_dev.elementare-vielfalt.de,287868,81260,0.0/06:36:57,66776) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,802844,681708,0.0/47-18:13:07,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7800,3340,0.0/27-23:14:33,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/47-18:13:06,58382) /usr/lib/utmpd
(root,210128,165972,0.0/27-23:14:32,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(php_dev.elementare-vielfalt.de,277696,67616,0.0/06:36:57,66773) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2200,1460,0.0/47-18:13:07,58326) /usr/sbin/cron
(root,11304,3532,0.0/47-18:13:06,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/47-18:13:09,57964) /usr/lib/pfexecd
(www,13452,6120,0.0/06:37:00,66449) /opt/local/sbin/httpd -k start
(root,2380,1492,0.0/47-18:13:06,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/47-18:13:06,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/47-18:13:12,57750) /sbin/init
(php_dev.elementare-vielfalt.de,285888,75468,0.0/06:36:57,66772) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(netadm,4140,2896,0.0/47-18:13:11,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/47-18:13:12,57762) /lib/svc/bin/svc.startd
(root,249112,5868,0.0/06:36:57,66769) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(www,12264,5180,0.0/06:37:00,66447) /opt/local/sbin/httpd -k start
(root,2476,1560,0.0/47-18:12:59,58850) /sbin/dhcpagent

Found on 2023-08-16 10:37

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0ec674118

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,249112,6132,0.0/15:39:07,87859) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(fpm,303488,3508,0.0/15:39:03,88409) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,3368,2432,0.0/47-03:15:18,58328) /usr/sbin/auditd
(php_dev.elementare-vielfalt.de,256460,41336,0.0/09:51:30,94094) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(haproxy,36816,24824,0.0/30-11:04:11,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/47-03:15:24,57700) zsched
(root,5532,2512,0.0/00:00,51878) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(www,12048,4096,0.0/15:39:10,87571) /opt/local/sbin/httpd -k start
(root,12640,9024,0.0/40-05:13:25,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,31008,26476,0.0/47-03:15:19,58033) /usr/sbin/nscd
(root,303436,3952,0.0/15:39:03,88400) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,256396,40872,0.0/09:51:28,94104) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2860,964,0.0/47-03:15:09,58862) /usr/lib/inet/in.ndpd
(redis,11180,7876,0.0/28-05:04:16,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8632,6056,0.0/47-03:15:17,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/47-03:15:17,58482) /usr/lib/ssh/sshd
(www,12400,5364,0.0/15:39:10,87572) /opt/local/sbin/httpd -k start
(fpm,303488,3544,0.0/15:39:03,88408) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(postfix,11272,5180,0.0/35:42,3892) pickup -l -t unix -u
(root,2016,1372,0.0/47-03:15:17,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/40-05:37:41,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,303492,3828,0.0/15:39:03,88407) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,3516,2304,0.0/00:00,51842) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,11364,4180,0.0/15:39:10,87570) /opt/local/sbin/httpd -k start
(root,2228,1400,0.0/47-03:15:17,58381) /usr/lib/saf/sac -t 300
(php_dev.elementare-vielfalt.de,256140,34912,0.0/04:22:27,84104) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12740,11284,0.1/47-03:15:23,57764) /lib/svc/bin/svc.configd
(mysql,802844,681660,0.0/47-03:15:17,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(root,7800,3340,0.0/27-08:16:44,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/47-03:15:17,58382) /usr/lib/utmpd
(root,210128,165968,0.0/27-08:16:43,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(www,13444,6184,0.0/15:39:10,87573) /opt/local/sbin/httpd -k start
(root,2200,1460,0.0/47-03:15:18,58326) /usr/sbin/cron
(root,11304,3532,0.0/47-03:15:16,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/47-03:15:20,57964) /usr/lib/pfexecd
(php_dev.elementare-vielfalt.de,256204,34972,0.0/03:57:33,19585) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2380,1492,0.0/47-03:15:17,58400) /usr/lib/saf/ttymon
(www,14372,6888,0.0/15:28:34,3180) /opt/local/sbin/httpd -k start
(root,1688,1204,0.0/00:00,51879) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,8428,4528,0.0/47-03:15:17,58385) /usr/lib/inet/inetd start
(root,2788,1896,0.0/47-03:15:23,57750) /sbin/init
(php_dev.elementare-vielfalt.de,303492,3828,0.0/15:39:03,88406) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(netadm,4140,2896,0.0/47-03:15:22,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/47-03:15:23,57762) /lib/svc/bin/svc.startd
(root,3516,1120,0.0/00:00,51877) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(php_dev.elementare-vielfalt.de,303492,3844,0.0/15:39:03,88404) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3828,0.0/15:39:03,88405) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,2476,1560,0.0/47-03:15:10,58850) /sbin/dhcpagent

Found on 2023-08-15 19:39

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0224b42d1

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3516,1120,0.0/00:00,62367) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,3368,2432,0.0/40-14:19:17,58328) /usr/sbin/auditd
(php_dev.elementare-vielfalt.de,303492,3852,0.0/02:43:01,22007) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(haproxy,36816,24824,0.0/23-22:08:10,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,0,0,0.0/40-14:19:23,57700) zsched
(php_dev.elementare-vielfalt.de,256076,32468,0.0/02:43:07,21344) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,1688,1204,0.0/00:00,62369) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,12640,9024,0.0/33-16:17:24,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(root,30504,25880,0.0/40-14:19:18,58033) /usr/sbin/nscd
(root,303436,3980,0.0/02:43:01,22002) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2860,964,0.0/40-14:19:08,58862) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,303492,3852,0.0/02:43:01,22006) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(redis,11180,7876,0.0/21-16:08:15,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(php_dev.elementare-vielfalt.de,303492,3852,0.0/02:43:01,22005) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12264,5188,0.0/02:43:10,20863) /opt/local/sbin/httpd -k start
(root,8568,6012,0.0/40-14:19:16,58358) /opt/local/sbin/rsyslogd
(root,7516,1840,0.0/40-14:19:16,58482) /usr/lib/ssh/sshd
(root,3516,2304,0.0/00:00,62326) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(postfix,11272,5180,0.0/20:07,33226) pickup -l -t unix -u
(root,249112,5948,0.0/02:43:07,21340) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1372,0.0/40-14:19:16,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(postfix,11400,5336,0.0/33-16:41:40,52953) qmgr -l -t unix -u
(www,12400,5312,0.0/02:36:35,32386) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,256076,35004,0.0/02:43:07,21343) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/40-14:19:16,58381) /usr/lib/saf/sac -t 300
(daemon,7592,1812,0.0/00:01,62042) /usr/lib/ssh/sshd -R
(www,12352,5240,0.0/02:43:10,20864) /opt/local/sbin/httpd -k start
(php_dev.elementare-vielfalt.de,256012,32388,0.0/02:43:07,21345) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,12484,11080,0.1/40-14:19:22,57764) /lib/svc/bin/svc.configd
(php_dev.elementare-vielfalt.de,256496,50460,0.0/02:43:07,21342) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,783780,663484,0.0/40-14:19:16,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,303492,3868,0.0/02:43:01,22003) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7800,3340,0.0/20-19:20:43,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/40-14:19:16,58382) /usr/lib/utmpd
(root,210032,165752,0.0/20-19:20:42,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/40-14:19:17,58326) /usr/sbin/cron
(root,11304,3532,0.0/40-14:19:15,58655) /opt/local/libexec/postfix/master -w
(root,2632,1808,0.0/40-14:19:19,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/40-14:19:16,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/40-14:19:16,58385) /usr/lib/inet/inetd start
(root,11364,4216,0.0/02:43:10,20861) /opt/local/sbin/httpd -k start
(root,2788,1896,0.0/40-14:19:22,57750) /sbin/init
(netadm,4140,2896,0.0/40-14:19:21,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/40-14:19:22,57762) /lib/svc/bin/svc.startd
(fpm,303488,3568,0.0/02:43:01,22008) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,7576,4628,0.0/00:01,62041) /usr/lib/ssh/sshd -R
(root,5532,2512,0.0/00:00,62368) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(root,2476,1560,0.0/40-14:19:09,58850) /sbin/dhcpagent
(www,12264,5180,0.0/02:43:10,20862) /opt/local/sbin/httpd -k start
(fpm,303488,3532,0.0/02:43:01,22009) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf

Found on 2023-08-09 06:43

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb08750b91d5acf1137a016dc31b07e1a0ab619ece

Found public CheckMk agent:
Version: 1.6.0p14
AgentOS: solaris
Hostname: dev
AgentDirectory: /opt/local/etc/check_mk
DataDirectory: /opt/local/var/lib/check_mk_agent
SpoolDirectory: 
PluginsDirectory: /opt/local/usr/lib/check_mk_agent/plugins
LocalDirectory: /opt/local/usr/lib/check_mk_agent/local

Found process list through CheckMk:
(root,3368,2432,0.0/38-03:20:21,58328) /usr/sbin/auditd
(haproxy,36816,24824,0.0/21-11:09:14,54076) /opt/local/sbin/haproxy -f /opt/local/etc/haproxy.cfg -D 
(root,3516,1120,0.0/00:00,9745) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(root,0,0,0.0/38-03:20:27,57700) zsched
(root,1688,1204,0.0/00:00,9747) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*
(root,12640,9024,0.0/31-05:18:28,99198) /opt/local/bin/perl /opt/uplex/bin/ipf_dns.pl -cmd svcadm refresh ipfilter -every 600 
(postfix,11272,5180,0.0/01:21:21,95686) pickup -l -t unix -u
(root,29988,25812,0.0/38-03:20:23,58033) /usr/sbin/nscd
(www,12264,5184,0.0/15:44:13,14492) /opt/local/sbin/httpd -k start
(root,2860,964,0.0/38-03:20:12,58862) /usr/lib/inet/in.ndpd
(php_dev.elementare-vielfalt.de,303492,3804,0.0/15:44:08,15201) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(redis,11180,7876,0.0/19-05:09:19,48697) /usr/local/bin/redis-server /opt/local/etc/redis-server/redis.conf 
(root,8568,5992,0.0/38-03:20:21,58358) /opt/local/sbin/rsyslogd
(php_dev.elementare-vielfalt.de,303492,3820,0.0/15:44:08,15199) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(www,12872,5608,0.0/15:37:39,25816) /opt/local/sbin/httpd -k start
(root,7516,1840,0.0/38-03:20:20,58482) /usr/lib/ssh/sshd
(root,5532,2512,0.0/00:00,9746) ps -o user,vsz,rss,pcpu,etime,pid,args -z fb4bb5ba-8706-e10d-d1bc-edaf559aa273
(php_dev.elementare-vielfalt.de,255132,61836,0.0/15:44:11,14670) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2016,1372,0.0/38-03:20:21,58418) /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p dev console login: 
(root,249112,5960,0.0/15:44:12,14665) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(postfix,11400,5336,0.0/31-05:42:45,52953) qmgr -l -t unix -u
(php_dev.elementare-vielfalt.de,254160,31244,0.0/15:44:11,14674) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(root,2228,1400,0.0/38-03:20:21,58381) /usr/lib/saf/sac -t 300
(fpm,303488,3484,0.0/15:44:08,15204) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,12356,10952,0.1/38-03:20:26,57764) /lib/svc/bin/svc.configd
(php_dev.elementare-vielfalt.de,254392,39988,0.0/15:44:11,14671) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(mysql,734928,617784,0.0/38-03:20:21,58362) /opt/local/sbin/mysqld --user=mysql --basedir=/opt/local --datadir=/opt/local/var/mysql --pid-file=/var/mysql/mysql.pid --log-error=/var/log/mysql/error.log 
(php_dev.elementare-vielfalt.de,254160,31240,0.0/15:44:11,14673) /opt/local/php-8.1/sbin/php-fpm -y /opt/local/php-8.1/etc/php-fpm.conf 
(php_dev.elementare-vielfalt.de,303492,3804,0.0/15:44:08,15202) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,7800,3340,0.0/18-08:21:47,91059) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,1724,1040,0.0/38-03:20:21,58382) /usr/lib/utmpd
(root,303436,3928,0.0/15:44:08,15198) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(php_dev.elementare-vielfalt.de,303492,3804,0.0/15:44:08,15200) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf 
(root,209992,165700,0.0/18-08:21:46,91091) /opt/local/sbin/varnishd -a /var/run/varnish.sock,PROXY,user=varnish,group=haproxy,mode=660 -l 64M -f /opt/local/etc/varnish/default.vcl -s malloc,512M -T 127.0.0.1:8083 -p workspace_backend=96k -p thread_pool_min=500 -p first_byte_timeout=600 
(root,2200,1460,0.0/38-03:20:21,58326) /usr/sbin/cron
(root,11304,3532,0.0/38-03:20:20,58655) /opt/local/libexec/postfix/master -w
(www,12852,5580,0.0/15:44:13,14496) /opt/local/sbin/httpd -k start
(root,2632,1808,0.0/38-03:20:23,57964) /usr/lib/pfexecd
(root,2380,1492,0.0/38-03:20:21,58400) /usr/lib/saf/ttymon
(root,8428,4528,0.0/38-03:20:21,58385) /usr/lib/inet/inetd start
(fpm,303488,3520,0.0/15:44:08,15203) /opt/local/sbin/php-fpm -y /opt/local/etc/php-fpm.conf
(root,2788,1896,0.0/38-03:20:26,57750) /sbin/init
(root,3516,2296,0.0/00:00,9715) /usr/bin/bash /opt/check_mk/bin/check_mk_agent
(netadm,4140,2896,0.0/38-03:20:25,57824) /lib/inet/ipmgmtd
(root,7708,6072,0.0/38-03:20:26,57762) /lib/svc/bin/svc.startd
(www,12352,5236,0.0/15:44:13,14494) /opt/local/sbin/httpd -k start
(root,2476,1560,0.0/38-03:20:13,58850) /sbin/dhcpagent
(root,7448,4360,0.0/03:56,7440) /usr/lib/ssh/sshd -R
(root,11364,4216,0.0/15:44:13,14489) /opt/local/sbin/httpd -k start

Found on 2023-08-06 19:44

Host 213.238.34.162

Germany

CheckMK monitoring endpoint publicly available

Domain summary