| Timestamp | Source IP | Source Port | Destination IP | Destination Port | Protocol | GID | SID | REV | Signature | Category | Severity |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026-04-13 11:23:59.470 | 192.168.3.106 [VT] | 61422 | 8.8.8.8 [VT] | 53 | UDP | 1 | 2037168 | 1 | ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (mcsharepoint .com) | Misc activity | 3 |
| 2026-04-13 11:24:00.632 | 150.171.109.216 [VT] | 443 | 192.168.3.106 [VT] | 49240 | TCP | 1 | 2037205 | 1 | ET INFO Observed Microsoft Attack Simulation Training SSL Cert (attemplate .com) | Misc activity | 3 |
| 2026-04-13 11:24:01.245 | 150.171.109.216 [VT] | 443 | 192.168.3.106 [VT] | 49242 | TCP | 1 | 2037205 | 1 | ET INFO Observed Microsoft Attack Simulation Training SSL Cert (attemplate .com) | Misc activity | 3 |
| 2026-04-13 11:24:01.629 | 150.171.109.216 [VT] | 443 | 192.168.3.106 [VT] | 49245 | TCP | 1 | 2037205 | 1 | ET INFO Observed Microsoft Attack Simulation Training SSL Cert (attemplate .com) | Misc activity | 3 |