{"info":{"_postman_id":"d137aeda-6380-49ba-9588-bdb932d9946e","name":"Lumu Defender API - Postman Tutorial","description":"<html><head></head><body><p><a href=\"https://lumu.io\">Lumu</a></p>\n<p>is a cloud-based security technology that provides you with visibility into threats, attacks, and adversaries affecting your entire enterprise, across all your enterprise environments.</p>\n<p>To get started with Lumu, visit <a href=\"https://docs.lumu.io/portal/en/home\">our documentation</a>.</p>\n<p>The <strong>Lumu Defender API</strong> offers a framework to help you leverage the Lumu integration with various third-party solutions.</p>\n<p>The Lumu Defender API is based on HTTP requests and JSON responses and it is language agnostic and supports incoming and outgoing information. All API calls are encrypted using HTTPS (HTTP over SSL/TLS) and authenticated API key-based authentication.</p>\n<img src=\"https://desk.zoho.com/DocsDisplay?zgId=694632768&amp;mode=inline&amp;blockId=k87ha1485ec187fca4b2c9e106e2c1af573f9\" alt=\"Lumu Defender API\">\n\n<h1 id=\"whats-in-the-collection\">What's in the collection?</h1>\n<p>The following resources are accessible via the Lumu Defender API. These are core concepts of Lumu Portal that you should familiarize yourself with.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th>Resource</th>\n<th>Description</th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td><code>administration</code></td>\n<td>For retrieving users and labels’ data.</td>\n</tr>\n<tr>\n<td><code>incidents</code></td>\n<td>For subscribing, retrieving incident data, and managing their status.</td>\n</tr>\n<tr>\n<td><code>adversarial-activity</code></td>\n<td>For retrieving all adversarial activity found on your perimeters.</td>\n</tr>\n<tr>\n<td><code>spambox</code></td>\n<td>For retrieving the adversarial activity related to your Spambox.</td>\n</tr>\n<tr>\n<td><code>Portal Management</code></td>\n<td>The Lumu Portal records the activities and configurations made on the Portal, allowing administrators to keep track of the changes and ensure compliance with your company’s policies.</td>\n</tr>\n</tbody>\n</table>\n</div><blockquote>\n<p>For in depth API specification, such as syntax, pagination, date format, error responses, rate limit and more, consult our documentation / support. </p>\n</blockquote>\n<h1 id=\"get-started-and-support\">Get started and support</h1>\n<h2 id=\"access-and-authentication\">Access and authentication</h2>\n<p>The Defender API requires each client to use a unique and personal API key, referred to in our documentation as <code>{company-key}</code>. The company’s API key is found in the Defender menu of the Lumu Portal and is self-managed by company administrators.</p>\n<img src=\"https://desk.zoho.com/DocsDisplay?zgId=694632768&amp;mode=inline&amp;blockId=k87ha072189a6aaff40f39bbfd2acd23dd647\" alt=\"Lumu Defender API\">\n\n<h2 id=\"quick-setup\">Quick Setup</h2>\n<p><a href=\"https://www.getpostman.com/\">Postman</a> is a tool for exploring and testing APIs. This Postman collection, which is a group of API requests, contains a set of requests that provides you with Lumu Defender API endpoint requirements, request parameters, and response messages samples.</p>\n<p>Click the button <strong>Run in Postman</strong> to automatically open the Postman collection.</p>\n<p>Once you've imported the collection to Postman, you will need to inform your company's API key from the Lumu Portal, for this, click in the collection, then go to the \"Variables\" (1) tab and add your company unique API key (2).</p>\n<img src=\"https://desk.zoho.com/DocsDisplay?zgId=694632768&amp;mode=inline&amp;blockId=0nzsqc679f8d0e5bd49c8b2aaad5e5c469f74\" alt=\"Postman Setup\">\n\n<h2 id=\"tutorial-structure\">Tutorial Structure</h2>\n<p>The Postman collection is broken into four subfolders. They are organized in a way that introduces the Lumu resources that are available through the Lumu Defender API.</p>\n<p>Each folder and request in the collection has a description. Some of these descriptions contain important information, such as prerequisites for running the request or information that should be replaced with actual data to perform your query. After selecting the request in Postman, you can click the documentation icon to see the request details (1). Each request includes the query (2) and body parameters description (when applicable).</p>\n<img src=\"https://desk.zoho.com/DocsDisplay?zgId=694632768&amp;mode=inline&amp;blockId=0nzsq5587eebdc76f4ee7945c09090f40a2a9\" alt=\"Postman Setup\">\n\n<p>Each request includes a response example for the status 200 (1), you can see each sample inside the query, as in the following image:</p>\n<img src=\"https://desk.zoho.com/DocsDisplay?zgId=694632768&amp;mode=inline&amp;blockId=0nzsq8d34d21159cc476eb427c81283b74fd6\" alt=\"Postman Setup\">\n\n<p><em><strong>NOTE</strong></em>: the examples of responses in this collection are not comprehensive of all parameter configurations or operations. The examples of responses intend to show the basic information provided by the API call, the format, and how that information is structured and labeled. The actual response can include more parameters.</p>\n</body></html>","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[{"content":"What's in the collection?","slug":"whats-in-the-collection"},{"content":"Get started and support","slug":"get-started-and-support"}],"owner":"8464717","collectionId":"d137aeda-6380-49ba-9588-bdb932d9946e","publishedId":"TzRVfmh9","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"333333","highlight":"f78e1e"},"publishDate":"2021-05-14T15:23:45.000Z"},"item":[{"name":"Working with Users and Labels","item":[{"name":"Retrieve labels","id":"434c9c55-afeb-4734-a5ac-2dbe3c36fa21","protocolProfileBehavior":{"disableBodyPruning":true,"disabledSystemHeaders":{}},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/administration/labels?key=","description":"<p>Get a paginated list of all the labels created for the company and its details such as id, name and business relevance. The items are sorted by the label id in ascending order.</p>\n","urlObject":{"protocol":"https","path":["api","administration","labels"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"126e20a4-82e1-4b1f-bae6-251a96c893c5","name":"Retrieve labels","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/administration/labels?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","administration","labels"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\r\n    \"labels\": [\r\n        {\r\n            \"id\": 1, \r\n            \"name\": \"Sales\", \r\n            \"relevance\": 3 //Business relevance. The possible values are 1 (low), 2 (medium) and 3 (high).\r\n        }, \r\n        {\r\n            \"id\": 2, \r\n            \"name\": \"Customers\", \r\n            \"relevance\": 1\r\n        }, \r\n    ],\r\n   \"paginationInfo\": {\r\n        \"page\": 2, \r\n        \"items\": 2, \r\n        \"next\": 3, \r\n        \"prev\": 1\r\n    }\r\n}"}],"_postman_id":"434c9c55-afeb-4734-a5ac-2dbe3c36fa21"},{"name":"Retrieve a specific label","id":"5272076a-a4d7-44d9-968d-d57ff2af8e25","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/administration/labels/{label-id}?key=","description":"<p>Get details such as id, name and business relevance from a specific label.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{label-id}</code></th>\n<th>ID of the specific label</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div>","urlObject":{"protocol":"https","path":["api","administration","labels","{label-id}"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"3e0c1da7-ad8f-423c-aa8f-cc04aa407563","name":"Retrieve a specific label","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/administration/labels/1?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","administration","labels","1"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"id\": 1,\n    \"name\": \"Sales\",\n    \"relevance\": 3 //Business relevance. The possible values are 1 (low), 2 (medium) and 3 (high).\n}"}],"_postman_id":"5272076a-a4d7-44d9-968d-d57ff2af8e25"},{"name":"Retrieve users","id":"d2e57a58-9483-405a-b4a4-58c2b937f87a","protocolProfileBehavior":{"disableBodyPruning":true,"disabledSystemHeaders":{}},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/administration/users?key=","description":"<p>Get a paginated list of all the users registered in the company and their details. The items are sorted by the user id in ascending order.</p>\n","urlObject":{"protocol":"https","path":["api","administration","users"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"9827342d-1fc7-44fe-8dea-30c3d4860fd5","name":"Retrieve users","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/administration/users?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","administration","users"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"users\": [\n        {\n            \"id\": 1,\n            \"role\": \"admin\",\n            \"email\": \"john@company.com\",\n            \"name\": \"John Doe\",\n            \"time_zone\": \"Etc/UTC\",\n            \"deactivated\": false\n        },\n        {\n            \"id\": 2,\n            \"role\": \"admin\",\n            \"email\": \"sara@company.com\",\n            \"name\": \"Sara Green\",\n            \"time_zone\": \"Etc/UTC\",\n            \"deactivated\": false //User account status. The two possible values are `false`(user is active) and `true`(user is deactivated). A deactivated account is unable to login into the Lumu Portal.\n        }\n    ],\n    \"paginationInfo\": {\n        \"page\": 2,\n        \"items\": 2,\n        \"next\": 3,\n        \"prev\": 1\n    }\n}"}],"_postman_id":"d2e57a58-9483-405a-b4a4-58c2b937f87a"},{"name":"Retrieve a specific user","id":"6c65e8ce-b806-4a1a-8043-ba117c7a6281","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/administration/users/{user-id}?key=","description":"<p>Get specific user details such as id, name, and role.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{{user-id}}</code></th>\n<th>ID of the specific user</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div>","urlObject":{"protocol":"https","path":["api","administration","users","{user-id}"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"5aa5270e-85e9-41bf-9b31-4192faac4163","name":"Retrieve a specific user","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/administration/users/2?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","administration","users","2"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"id\": 2,\n    \"role\": \"admin\",\n    \"email\": \"sara@company.com\",\n    \"name\": \"Sara Green\",\n    \"time_zone\": \"Etc/UTC\",\n    \"deactivated\": false //User account status. The two possible values are `false`(user is active) and `true`(user is deactivated). A deactivated account is unable to login into the Lumu Portal.\n}"}],"_postman_id":"6c65e8ce-b806-4a1a-8043-ba117c7a6281"}],"id":"9863dbd6-ad26-4364-9f6a-7201deb24355","description":"<p>The <code>/administration</code> endpoints contain information about labels and users of the company. Labels help identify and classify compromise distribution across your infrastructure.</p>\n<blockquote>\n<p>Consult our documentation for getting started with <a href=\"https://docs.lumu.io/portal/en/kb/articles/labels\">Labels</a> and <a href=\"https://docs.lumu.io/portal/en/kb/articles/mailing-accounts\">Accounts</a>.</p>\n</blockquote>\n","event":[{"listen":"prerequest","script":{"type":"text/javascript","exec":[""],"id":"a80d5831-8152-44b8-b8d7-bb30997527dd"}},{"listen":"test","script":{"type":"text/javascript","exec":[""],"id":"0ff95314-0593-4ca6-99e2-183bed931bda"}}],"_postman_id":"9863dbd6-ad26-4364-9f6a-7201deb24355"},{"name":"Working with Incidents [NEW]","item":[{"name":"Get all incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"74db256b-2b9a-4531-8406-df9257f6e403"}}],"id":"369929d1-566c-42ea-9823-6babf94eb2f6","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"fromDate\": \"2026-01-01T00:16:33.160672148Z\", //Search start date. The default value is 7 days before the current date. \r\n  \"toDate\": \"2026-01-31T23:59:59.160698480Z\", //Search end date. The default value is the current date.\r\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [1, 2, 3], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n  \"status\": [\"open\", \"muted\", \"closed\"] //Incident status. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/all?key=","urlObject":{"protocol":"https","path":["api","secops","incidents","all"],"host":["defender","lumu","io"],"query":[{"key":"key","value":""}],"variable":[]}},"response":[{"id":"b4a32d9f-64bc-4810-8b23-da229506db76","name":"Get all incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"fromDate\": \"2026-01-01T00:16:33.160672148Z\", //Search start date. The default value is 7 days before the current date. \r\n  \"toDate\": \"2026-01-31T23:59:59.160698480Z\", //Search end date. The default value is the current date.\r\n  \"adversary-types\": [], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n  \"status\": [] //Incident status. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/all?key=","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","all"],"query":[{"key":"key","value":""}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"d3db9100-fd92-11f0-a001-9d0905147b8a\",\n            \"timestamp\": \"2026-01-30T04:19:10.992Z\",\n            \"status\": \"open\",\n            \"statusTimestamp\": \"2026-01-30T04:19:10.992Z\",\n            \"incidentGroupingFields\": {\n                \"src_ip\": \"192.168.5.22\",\n                \"src_label\": \"2\"\n            },\n            \"detectorType\": \"network-access-abuse-detector\",\n            \"incidentType\": \"network-brute-force\",\n            \"totalEvents\": 10,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-01-30T04:14:00Z\",\n                \"id\": \"1a74cc40-fd92-11f0-83bb-9a0ae04d690a\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-01-30T04:16:59.820Z\",\n                \"id\": \"859e9320-fd92-11f0-83bb-9a0ae04d690a\"\n            },\n            \"adversaryTypes\": [\n                \"Network Brute Force\"\n            ],\n            \"description\": \"Potential brute-force activity or protocol abuse.\",\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"2\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 10\n                }\n            ],\n            \"counts\": {\n                \"endpointTargetsCount\": 1,\n                \"userTargetsCount\": 0,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.5.22\",\n                    \"endpoint_ip\": \"192.168.5.22\",\n                    \"label\": \"2\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.1.20\",\n                    \"endpoint_ip\": \"192.168.1.20\",\n                    \"label\": \"2\"\n                }\n            ],\n            \"unread\": true,\n            \"hasPlaybackEvents\": false,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"packages_sent\",\n                    \"value\": 196831\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"elapsed_time_ms\",\n                    \"value\": 179100\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"requests_sent\",\n                    \"value\": 2000\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"duration_ms\",\n                    \"value\": 14095516\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"bytes_sent\",\n                    \"value\": 13777291\n                }\n            ],\n            \"eventsGroupingsCount\": 1\n        },\n        {\n            \"id\": \"b0c04ad0-fd92-11f0-a001-9d0905147b8a\",\n            \"timestamp\": \"2026-01-30T04:18:12.093Z\",\n            \"status\": \"open\",\n            \"statusTimestamp\": \"2026-01-30T04:18:12.093Z\",\n            \"incidentGroupingFields\": {\n                \"domain\": \"QA\",\n                \"user_name\": \"rfandino\"\n            },\n            \"detectorType\": \"unusual-login-detector\",\n            \"incidentType\": \"unusual-login\",\n            \"totalEvents\": 2,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-01-29T04:18:00Z\",\n                \"id\": \"b0b61d6c-fd92-11f0-b960-1e50caf39e4c\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-01-29T09:18:00Z\",\n                \"id\": \"b0b610ec-fd92-11f0-b960-1e50caf39e4c\"\n            },\n            \"adversaryTypes\": [\n                \"Unusual Login\"\n            ],\n            \"description\": \"Logged in at an unusual time or on an uncommon day\",\n            \"environmentStats\": [],\n            \"counts\": {\n                \"endpointTargetsCount\": 0,\n                \"userTargetsCount\": 1,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"endpoint_ip\": \"192.168.1.100\",\n                    \"name\": \"WORKSTATION1\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"type\": \"user\",\n                    \"realm\": \"QA\",\n                    \"name\": \"rfandino\"\n                }\n            ],\n            \"unread\": true,\n            \"hasPlaybackEvents\": false,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [],\n            \"eventsGroupingsCount\": 0\n        },\n        {\n            \"id\": \"aab11570-fd92-11f0-a001-9d0905147b8a\",\n            \"timestamp\": \"2026-01-30T04:18:01.927Z\",\n            \"status\": \"open\",\n            \"statusTimestamp\": \"2026-01-30T04:18:01.927Z\",\n            \"incidentGroupingFields\": {\n                \"domain\": \"testJor.lumu\"\n            },\n            \"detectorType\": \"login-brute-force-detector\",\n            \"incidentType\": \"login-brute-force\",\n            \"totalEvents\": 1,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-01-30T04:08:00.076Z\",\n                \"id\": \"43f5e8c0-fd91-11f0-b586-d64521420cb0\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-01-30T04:08:00.076Z\",\n                \"id\": \"43f5e8c0-fd91-11f0-b586-d64521420cb0\"\n            },\n            \"adversaryTypes\": [\n                \"Login Brute Force\"\n            ],\n            \"description\": \"Login Brute Force Activity\",\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"testJor.lumu\",\n                        \"type\": \"active-directory\"\n                    },\n                    \"count\": 1\n                }\n            ],\n            \"counts\": {\n                \"endpointTargetsCount\": 0,\n                \"userTargetsCount\": 1,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"WIN-4274QRK4U73\",\n                    \"endpoint_ip\": \"192.168.1.100\",\n                    \"_id\": \"WIN-4274QRK4U73\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"type\": \"user\",\n                    \"realm\": \"testJor.lumu\",\n                    \"name\": \"user450\",\n                    \"_id\": \"testJor.lumu:S-1-5-21-887190572-887190572-24807815-1001\"\n                }\n            ],\n            \"unread\": true,\n            \"hasPlaybackEvents\": false,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"failed_attempts\",\n                    \"value\": 80\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"elapsed_time_ms\",\n                    \"value\": 3000\n                }\n            ],\n            \"eventsGroupingsCount\": 1\n        },\n        {\n            \"id\": \"91ab8140-fd5c-11f0-bcb7-57f3fdca792c\",\n            \"timestamp\": \"2026-01-29T21:50:47.124Z\",\n            \"status\": \"open\",\n            \"statusTimestamp\": \"2026-01-29T21:50:47.124Z\",\n            \"incidentGroupingFields\": {\n                \"adversary\": \"www.casaducale.it\"\n            },\n            \"detectorType\": \"activity\",\n            \"incidentType\": \"malicious-infrastructure\",\n            \"totalEvents\": 2,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-01-29T08:15:51.125Z\",\n                \"id\": \"b9622850-fcea-11f0-afea-8197aef5e7a7\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-01-29T09:15:51.125Z\",\n                \"id\": \"1b269050-fcf3-11f0-afeb-8197aef5e7a7\"\n            },\n            \"adversaryTypes\": [\n                \"Phishing\"\n            ],\n            \"description\": \"Phishing domain\",\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"13\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 2\n                }\n            ],\n            \"counts\": {\n                \"endpointTargetsCount\": 1,\n                \"userTargetsCount\": 0,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"_id\": \"www.casaducale.it\",\n                    \"type\": \"network-location\",\n                    \"value\": \"www.casaducale.it\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"_id\": \"Acme Gateway|13\",\n                    \"type\": \"network-endpoint\",\n                    \"label\": \"13\",\n                    \"name\": \"Acme Gateway\",\n                    \"endpoint_ip\": \"190.27.75.165\"\n                }\n            ],\n            \"unread\": false,\n            \"hasPlaybackEvents\": false,\n            \"lastAssignee\": 1,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"4|21\",\n                    \"value\": 2\n                }\n            ],\n            \"eventsGroupingsCount\": 1\n        }\n    ],\n    \"timestamp\": \"2026-01-30T19:58:15.954Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50,\n        \"count\": 4\n    }\n}"}],"_postman_id":"369929d1-566c-42ea-9823-6babf94eb2f6"},{"name":"Get open incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"20fd8798-ea0c-40cb-b0a6-12926cfc69b8"}}],"id":"14fdc9ba-a0d2-450f-97dc-9bfb3bcb14af","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/open?key=","description":"<p>Get a paginated list of all <em>open</em> incidents of the company.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","open"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"170c44b4-7cd4-4760-96c7-e4901ab8380f","name":"Get open incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"adversary-types\": [\"Malware\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/open?key={{authorization_secret_-_uuid}}&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","open"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"e99fa020-fd57-11f0-9776-41104e67f3e4\",\n            \"timestamp\": \"2026-01-29T21:17:27.202Z\",\n            \"status\": \"open\",\n            \"statusTimestamp\": \"2026-01-29T21:17:27.202Z\",\n            \"incidentGroupingFields\": {\n                \"adversary\": \"twitterlays.com\"\n            },\n            \"detectorType\": \"activity\",\n            \"incidentType\": \"malicious-infrastructure\",\n            \"totalEvents\": 2,\n            \"firstEvent\": {\n                \"timestamp\": \"2025-01-29T08:20:51.125Z\",\n                \"id\": \"f36bc650-de19-11ef-afec-8197aef5e7a7\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2025-01-29T08:20:51.125Z\",\n                \"id\": \"f36bc650-de19-11ef-afec-8197aef5e7a7\"\n            },\n            \"adversaryTypes\": [\n                \"Malware\"\n            ],\n            \"description\": \"Malware related\",\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"4\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 2\n                }\n            ],\n            \"counts\": {\n                \"endpointTargetsCount\": 1,\n                \"userTargetsCount\": 0,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"_id\": \"twitterlays.com\",\n                    \"type\": \"network-location\",\n                    \"value\": \"twitterlays.com\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"_id\": \"FW_SGM_DC_01|4\",\n                    \"type\": \"network-endpoint\",\n                    \"label\": \"4\",\n                    \"name\": \"FW_SGM_DC_01\",\n                    \"endpoint_ip\": \"10.0.0.46\"\n                }\n            ],\n            \"unread\": false,\n            \"hasPlaybackEvents\": false,\n            \"lastAssignee\": 1,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"4|21\",\n                    \"value\": 2\n                }\n            ],\n            \"eventsGroupingsCount\": 1\n        }\n    ],\n    \"timestamp\": \"2026-01-30T20:09:49.861Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50,\n        \"count\": 1\n    }\n}"}],"_postman_id":"14fdc9ba-a0d2-450f-97dc-9bfb3bcb14af"},{"name":"Get muted incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"6b3948be-ee99-4c04-9a50-10a0762cfa58"}}],"id":"e9ef66ed-1087-46a8-80e3-26e2b4c5a319","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/muted?key=","description":"<p>Get a paginated list of all muted incidents of the company.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","muted"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"fc1376b7-ef29-4a6e-9871-b17d4e9c5900","name":"Get muted incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"adversary-types\": [\"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [13] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/muted?key={{authorization_secret_-_uuid}}&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","muted"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"91ab8140-fd5c-11f0-bcb7-57f3fdca792c\",\n            \"timestamp\": \"2026-01-29T21:50:47.124Z\",\n            \"status\": \"muted\",\n            \"statusTimestamp\": \"2026-01-29T21:50:47.124Z\",\n            \"incidentGroupingFields\": {\n                \"adversary\": \"www.casaducale.it\"\n            },\n            \"detectorType\": \"activity\",\n            \"incidentType\": \"malicious-infrastructure\",\n            \"totalEvents\": 2,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-01-29T08:15:51.125Z\",\n                \"id\": \"b9622850-fcea-11f0-afea-8197aef5e7a7\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-01-29T09:15:51.125Z\",\n                \"id\": \"1b269050-fcf3-11f0-afeb-8197aef5e7a7\"\n            },\n            \"adversaryTypes\": [\n                \"Phishing\"\n            ],\n            \"description\": \"Phishing domain\",\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"13\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 2\n                }\n            ],\n            \"counts\": {\n                \"endpointTargetsCount\": 1,\n                \"userTargetsCount\": 0,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"_id\": \"www.casaducale.it\",\n                    \"type\": \"network-location\",\n                    \"value\": \"www.casaducale.it\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"_id\": \"Acme Gateway|13\",\n                    \"type\": \"network-endpoint\",\n                    \"label\": \"13\",\n                    \"name\": \"Acme Gateway\",\n                    \"endpoint_ip\": \"190.27.75.165\"\n                }\n            ],\n            \"unread\": false,\n            \"hasPlaybackEvents\": false,\n            \"lastAssignee\": 1,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"4|21\",\n                    \"value\": 2\n                }\n            ],\n            \"eventsGroupingsCount\": 1\n        }\n    ],\n    \"timestamp\": \"2026-01-30T20:14:00.515Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50,\n        \"count\": 1\n    }\n}"}],"_postman_id":"e9ef66ed-1087-46a8-80e3-26e2b4c5a319"},{"name":"Get closed incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"7a7b06e9-cf7e-439f-b6bd-5837d637b321"}}],"id":"39f1e4d9-0eb2-459d-93e9-1c79aac2e2df","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/closed?key=","description":"<p>Get a paginated list of all closed incidents of the company.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","closed"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"e5a9dd9d-8edd-4604-887d-34ea6cefd244","name":"Get closed incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"adversary-types\": [], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [2] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/closed?key={{authorization_secret_-_uuid}}&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","closed"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"73986b40-fd5d-11f0-bcb7-57f3fdca792c\",\n            \"timestamp\": \"2026-01-29T21:57:06.164Z\",\n            \"status\": \"closed\",\n            \"statusTimestamp\": \"2026-01-29T21:57:06.164Z\",\n            \"incidentGroupingFields\": {\n                \"src_ip\": \"192.168.5.22\",\n                \"src_label\": \"2\"\n            },\n            \"detectorType\": \"network-access-abuse-detector\",\n            \"incidentType\": \"network-brute-force\",\n            \"totalEvents\": 20,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-01-29T21:49:00Z\",\n                \"id\": \"51c88640-fd5c-11f0-900d-fef7b4b0b2ca\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-01-29T21:54:59.640Z\",\n                \"id\": \"2820a7e0-fd5d-11f0-900d-fef7b4b0b2ca\"\n            },\n            \"adversaryTypes\": [\n                \"Network Brute Force\"\n            ],\n            \"description\": \"Potential brute-force activity or protocol abuse.\",\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"2\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 20\n                }\n            ],\n            \"counts\": {\n                \"endpointTargetsCount\": 1,\n                \"userTargetsCount\": 0,\n                \"otherTargetsCount\": 0,\n                \"totalTargetsCount\": 1,\n                \"offendersCount\": 1\n            },\n            \"offendersSamples\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.5.22\",\n                    \"endpoint_ip\": \"192.168.5.22\",\n                    \"label\": \"2\"\n                }\n            ],\n            \"targetsSamples\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.1.20\",\n                    \"endpoint_ip\": \"192.168.1.20\",\n                    \"label\": \"2\"\n                }\n            ],\n            \"unread\": false,\n            \"hasPlaybackEvents\": false,\n            \"lastAssignee\": 1,\n            \"autopilotOperation\": null,\n            \"integrationsThatResponded\": [],\n            \"builtInResponseTypes\": [],\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"bytes_sent\",\n                    \"value\": 27068232\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"requests_sent\",\n                    \"value\": 4000\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"duration_ms\",\n                    \"value\": 27788981\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"packages_sent\",\n                    \"value\": 401023\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"elapsed_time_ms\",\n                    \"value\": 358200\n                }\n            ],\n            \"eventsGroupingsCount\": 1\n        }\n    ],\n    \"timestamp\": \"2026-01-30T20:17:01.477Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50,\n        \"count\": 1\n    }\n}"}],"_postman_id":"39f1e4d9-0eb2-459d-93e9-1c79aac2e2df"},{"name":"Get incident events groupings","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"ca8c05d8-64f4-471b-bf13-ca435dfcee92"}}],"id":"70d00e41-4f86-4882-b4f8-620aa23b6fc9","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"status\": [\"open\", \"closed\", \"muted\"], //Set of incident statuses to filter by. If not specified, all objects are returned.\r\n  \"sort-criteria\": [], //Array of sorting criteria. Available sorting criteria are: first_event_timestamp, last_event_timestamp, events_count, offenders_count, total_targets_count, affected_environment_count, grouping_fields. If not specified, all objects are returned.\r\n  \"filters\": [] //Array of filter criteria. Available filter criteria are: network_label, has_playback_events, events_grouping_fields. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/events-groupings?key=&page=<n>&items=<n>","description":"<p>Retrieve the <em>eventsgroupingid</em> of a specific incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","events-groupings"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"0791b4e2-9abc-492b-8c61-dab8ad67370e","name":"Get incident events groupings","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"status\": [\"open\"], //Set of incident statuses to filter by. If not specified, all objects are returned.\r\n  \"sort-criteria\": [{\"criteria\": \"events_count\", \"order\": \"desc\"}], //Array of sorting criteria. Available sorting criteria are: first_event_timestamp, last_event_timestamp, events_count, offenders_count, total_targets_count, affected_environment_count, grouping_fields. If not specified, all objects are returned.\r\n  \"filters\": [] //Array of filter criteria. Available filter criteria are: network_label, has_playback_events, events_grouping_fields. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/c67d19b2-131e-11f1-0000-000000000000/events-groupings?key={{authorization_secret_-_uuid}}&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","c67d19b2-131e-11f1-0000-000000000000","events-groupings"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"incidentId\": \"c67d19b2-131e-11f1-0000-000000000000\",\n            \"eventsGroupingId\": \"eyJlbmRwb2ludCI6IkZXX1NHTV9EQ18wMSIsImxhYmVsIjoiNCJ9\",\n            \"eventsGroupingFields\": {\n                \"label\": \"4\",\n                \"endpoint\": \"FW_SGM_DC_01\"\n            },\n            \"totalEvents\": 4,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-02-08T14:23:45.835Z\",\n                \"id\": \"c71117b0-04f9-11f1-bad1-31c2dc940cc1\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-02-20T14:25:07.164Z\",\n                \"id\": \"f47fe9c0-0e67-11f1-bb20-31c2dc940cc1\"\n            },\n            \"targets\": 1,\n            \"offenders\": 1,\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"4\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 4\n                }\n            ],\n            \"hasPlaybackEvents\": false,\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"4|14\",\n                    \"value\": 4\n                }\n            ]\n        },\n        {\n            \"incidentId\": \"c67d19b2-131e-11f1-0000-000000000000\",\n            \"eventsGroupingId\": \"eyJlbmRwb2ludCI6IkZXX1NHTV9EQ18wMSIsImxhYmVsIjoiMCJ9\",\n            \"eventsGroupingFields\": {\n                \"label\": \"0\",\n                \"endpoint\": \"FW_SGM_DC_01\"\n            },\n            \"totalEvents\": 3,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-02-14T22:29:50.208Z\",\n                \"id\": \"acddc000-09f4-11f1-9b6e-b7bfc70a151f\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-02-24T15:34:27.875Z\",\n                \"id\": \"4e210730-1196-11f1-be36-9fc45ebf69ea\"\n            },\n            \"targets\": 1,\n            \"offenders\": 1,\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"0\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 3\n                }\n            ],\n            \"hasPlaybackEvents\": false,\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"5|22\",\n                    \"value\": 2\n                },\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"5|15\",\n                    \"value\": 1\n                }\n            ]\n        },\n        {\n            \"incidentId\": \"c67d19b2-131e-11f1-0000-000000000000\",\n            \"eventsGroupingId\": \"eyJlbmRwb2ludCI6IkFjbWUiLCJsYWJlbCI6IjQifQ==\",\n            \"eventsGroupingFields\": {\n                \"label\": \"4\",\n                \"endpoint\": \"Acme\"\n            },\n            \"totalEvents\": 2,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-02-12T14:24:12.374Z\",\n                \"id\": \"80899f60-081e-11f1-baec-31c2dc940cc1\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-02-22T14:25:19.324Z\",\n                \"id\": \"5092e1c0-0ffa-11f1-bb2f-31c2dc940cc1\"\n            },\n            \"targets\": 1,\n            \"offenders\": 1,\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"4\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 2\n                }\n            ],\n            \"hasPlaybackEvents\": false,\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"4|14\",\n                    \"value\": 2\n                }\n            ]\n        },\n        {\n            \"incidentId\": \"c67d19b2-131e-11f1-0000-000000000000\",\n            \"eventsGroupingId\": \"eyJlbmRwb2ludCI6IkFjbWUgR2F0ZXdheSIsImxhYmVsIjoiMTMifQ==\",\n            \"eventsGroupingFields\": {\n                \"label\": \"13\",\n                \"endpoint\": \"Acme Gateway\"\n            },\n            \"totalEvents\": 2,\n            \"firstEvent\": {\n                \"timestamp\": \"2026-02-07T14:23:38.496Z\",\n                \"id\": \"98478000-0430-11f1-bacb-31c2dc940cc1\"\n            },\n            \"lastEvent\": {\n                \"timestamp\": \"2026-02-21T14:25:13.246Z\",\n                \"id\": \"2289b3e0-0f31-11f1-bb25-31c2dc940cc1\"\n            },\n            \"targets\": 1,\n            \"offenders\": 1,\n            \"environmentStats\": [\n                {\n                    \"environment\": {\n                        \"id\": \"13\",\n                        \"type\": \"network-label\"\n                    },\n                    \"count\": 2\n                }\n            ],\n            \"hasPlaybackEvents\": false,\n            \"accumulators\": [\n                {\n                    \"type\": \"int_accumulator\",\n                    \"key\": \"4|14\",\n                    \"value\": 2\n                }\n            ]\n        }\n    ],\n    \"timestamp\": \"2026-02-27T22:54:03.161Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50,\n        \"count\": 4\n    }\n}"}],"_postman_id":"70d00e41-4f86-4882-b4f8-620aa23b6fc9"},{"name":"Get incident details","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"b49aca22-b4b9-4a37-a19e-b5f5d6955d2a"}}],"id":"cb3410cd-0d83-45a6-9b50-806597062898","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/details?key=","description":"<p>Get details of a specific incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","details"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"9225d06d-df98-4700-bf35-fbba11877169","name":"Get incident details","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/secops/incidents/73986b40-fd5d-11f0-bcb7-57f3fdca792c/details?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","73986b40-fd5d-11f0-bcb7-57f3fdca792c","details"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[],"responseTime":null,"body":"{\n    \"id\": \"73986b40-fd5d-11f0-bcb7-57f3fdca792c\",\n    \"timestamp\": \"2026-01-29T21:57:06.164Z\",\n    \"isUnread\": false,\n    \"hasPlaybackEvents\": false,\n    \"totalEvents\": 20,\n    \"eventsGroupingsCount\": 1,\n    \"incidentGroupingId\": \"fe626556bfb3d2abe8202467cd1ec0e7e12fe41ecd3ceec7728fb1f2a5c8c5cc\",\n    \"incidentGroupingFields\": {\n        \"src_ip\": \"192.168.5.22\",\n        \"src_label\": \"2\"\n    },\n    \"detectorType\": \"network-access-abuse-detector\",\n    \"incidentType\": \"network-brute-force\",\n    \"offendersSamples\": [\n        {\n            \"type\": \"network-endpoint\",\n            \"name\": \"192.168.5.22\",\n            \"endpoint_ip\": \"192.168.5.22\",\n            \"label\": \"2\"\n        }\n    ],\n    \"targetsSamples\": [\n        {\n            \"type\": \"network-endpoint\",\n            \"name\": \"192.168.1.20\",\n            \"endpoint_ip\": \"192.168.1.20\",\n            \"label\": \"2\"\n        }\n    ],\n    \"adversaryTypes\": [\n        \"Network Brute Force\"\n    ],\n    \"description\": \"Potential brute-force activity or protocol abuse.\",\n    \"environmentStats\": [\n        {\n            \"environment\": {\n                \"id\": \"2\",\n                \"type\": \"network-label\"\n            },\n            \"count\": 20\n        }\n    ],\n    \"actions\": [\n        {\n            \"datetime\": \"2026-01-29T22:01:19.394Z\",\n            \"userId\": 1,\n            \"action\": \"close\",\n            \"comment\": \"Closing\"\n        },\n        {\n            \"datetime\": \"2026-01-29T22:01:08.472Z\",\n            \"userId\": 1,\n            \"action\": \"comment\",\n            \"comment\": \"Commenting\"\n        },\n        {\n            \"datetime\": \"2026-01-29T22:00:53.120Z\",\n            \"userId\": 1,\n            \"action\": \"unmute\",\n            \"comment\": \"Unmuting\"\n        },\n        {\n            \"datetime\": \"2026-01-29T22:00:43.573Z\",\n            \"userId\": 1,\n            \"action\": \"mute\",\n            \"comment\": \"Muting\"\n        },\n        {\n            \"datetime\": \"2026-01-29T21:59:48.779Z\",\n            \"userId\": 1,\n            \"action\": \"incident-assigned\",\n            \"comment\": \"Marking as in progress\"\n        },\n        {\n            \"datetime\": \"2026-01-29T21:59:34.399Z\",\n            \"userId\": 1,\n            \"action\": \"read\",\n            \"comment\": \"\"\n        }\n    ],\n    \"status\": \"closed\",\n    \"firstEvent\": {\n        \"timestamp\": \"2026-01-29T21:49:00Z\",\n        \"id\": \"51c88640-fd5c-11f0-900d-fef7b4b0b2ca\"\n    },\n    \"lastEvent\": {\n        \"timestamp\": \"2026-01-29T21:54:59.640Z\",\n        \"id\": \"2820a7e0-fd5d-11f0-900d-fef7b4b0b2ca\"\n    },\n    \"lastAssignee\": 1,\n    \"autopilotOperation\": null,\n    \"integrationsThatResponded\": [],\n    \"builtInResponseTypes\": [],\n    \"counts\": {\n        \"endpointTargetsCount\": 1,\n        \"userTargetsCount\": 0,\n        \"otherTargetsCount\": 0,\n        \"totalTargetsCount\": 1,\n        \"offendersCount\": 1\n    },\n    \"accumulators\": [\n        {\n            \"type\": \"int_accumulator\",\n            \"key\": \"bytes_sent\",\n            \"value\": 27068232\n        },\n        {\n            \"type\": \"int_accumulator\",\n            \"key\": \"requests_sent\",\n            \"value\": 4000\n        },\n        {\n            \"type\": \"int_accumulator\",\n            \"key\": \"duration_ms\",\n            \"value\": 27788981\n        },\n        {\n            \"type\": \"int_accumulator\",\n            \"key\": \"packages_sent\",\n            \"value\": 401023\n        },\n        {\n            \"type\": \"int_accumulator\",\n            \"key\": \"elapsed_time_ms\",\n            \"value\": 358200\n        }\n    ]\n}"}],"_postman_id":"cb3410cd-0d83-45a6-9b50-806597062898"},{"name":"Mark incident as read","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"c775a041-690a-4df8-b210-1a24d2755db4"}}],"id":"452a09a8-75d6-4998-8b63-5955f25cee13","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/mark-as-read?key=","description":"<p>Marks an specific incident as read</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","mark-as-read"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"8a81d57c-2c49-4f67-b6ec-515ded8f3a25","name":"Mark incident as read","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/c522c290-fd61-11f0-bcb7-57f3fdca792c/mark-as-read?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","c522c290-fd61-11f0-bcb7-57f3fdca792c","mark-as-read"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3"}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":""}],"_postman_id":"452a09a8-75d6-4998-8b63-5955f25cee13"},{"name":"Begin incident work","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"6d0a95f4-ca61-44d1-95d4-913d8c736fd9"}}],"id":"62bc8ed3-dc79-481c-85b0-5dedca443503","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"\", //REQUIRED comment to be added in the Incident log. Example:\"Initial investigation and testing\"\r\n    \"data\": {\r\n        \"assignee\": 1 //ID of the user assigned to the incident. \r\n    }\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/begin-work?key=","description":"<p>Initiate the operations on a specific incident. It can be assigned to a specific user.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","begin-work"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"275972b0-34a0-49da-ac67-f0cb8176e1cb","name":"Begin incident work","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"Initial investigation and testing\", //REQUIRED comment to be added in the Incident log. Example:\"Initial investigation and testing\"\r\n    \"data\": {\r\n        \"assignee\": 1\r\n    }\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/2d4ace10-fd55-11f0-9776-41104e67f3e4/begin-work?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","2d4ace10-fd55-11f0-9776-41104e67f3e4","begin-work"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":""}],"_postman_id":"62bc8ed3-dc79-481c-85b0-5dedca443503"},{"name":"Comment incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"833f5b0d-c52b-48e9-a927-0214e6f2d55b"}}],"id":"20b0f458-8442-4b1c-94b0-ec3d084fc2c2","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"\", //REQUIRED. Comment to be added in the Incident log. Example:\"Initial investigation and testing\"\r\n    \"reason\": \"\" //Reason of the comment\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/comment?key=","description":"<p>Add a comment to a specific incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","comment"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"b4d83e64-6380-4651-9e4f-38fe7cf76134","name":"Comment incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"Added new information\", //REQUIRED comment to be added in the Incident log. Example:\"Initial investigation and testing\"\r\n    \"reason\": \"New information found\" //Reason of the comment\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/2d4ace10-fd55-11f0-9776-41104e67f3e4/comment?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","2d4ace10-fd55-11f0-9776-41104e67f3e4","comment"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":""}],"_postman_id":"20b0f458-8442-4b1c-94b0-ec3d084fc2c2"},{"name":"Mute incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"0a10e815-bea1-466f-9e45-6a5c790a9669"}}],"id":"d8edc64c-2941-4b20-81d0-60edee33e291","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"\" //REQUIRED comment to be added in the Incident log. Example:\"Muting incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/mute?key=","description":"<p>Mute a specific incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","mute"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"fad6da5d-7dbd-4606-925b-887cc2553d87","name":"Mute incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"Muting incident, no longer needed\" //REQUIRED comment to be added in the Incident log. Example:\"Muting incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/2d4ace10-fd55-11f0-9776-41104e67f3e4/mute?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","2d4ace10-fd55-11f0-9776-41104e67f3e4","mute"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":""}],"_postman_id":"d8edc64c-2941-4b20-81d0-60edee33e291"},{"name":"Unmute incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"7ac4f91d-a0a3-438f-9c75-88da1c716040"}}],"id":"c3ba987c-008f-4239-a8db-7d45f5837b8f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"\" //REQUIRED comment to be added in the Incident log. Example:\"Unmuting incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/unmute?key=","description":"<p>Unmute a specific incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","unmute"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"873df91a-ccb9-4f33-a7ab-b11f5439f96e","name":"Unmute incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"Unmuting incident\" //REQUIRED comment to be added in the Incident log. Example:\"Unmuting incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/2d4ace10-fd55-11f0-9776-41104e67f3e4/unmute?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","2d4ace10-fd55-11f0-9776-41104e67f3e4","unmute"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":""}],"_postman_id":"c3ba987c-008f-4239-a8db-7d45f5837b8f"},{"name":"Close incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"214b3f44-f355-4e5a-bb91-1eb24bba1631"}}],"id":"e17875c8-b231-452b-80d2-60f213fc9563","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"\" //REQUIRED comment to be added in the Incident log. Example:\"Closing incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incidentId>/close?key=","description":"<p>Close a specific incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incidentId>","close"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"1f8ff823-0a78-4167-9352-6fa38b0cf007","name":"Close incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"Closing incident\" //REQUIRED comment to be added in the Incident log. Example:\"Closing incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/2d4ace10-fd55-11f0-9776-41104e67f3e4/close?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","2d4ace10-fd55-11f0-9776-41104e67f3e4","close"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":""}],"_postman_id":"e17875c8-b231-452b-80d2-60f213fc9563"},{"name":"Consult incidents updates","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"55479ea0-f29a-411e-acbf-ca422a58c1a7"}}],"id":"00dc6923-ce82-44b2-8dfb-04edb6d09c8c","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/updates?key=","description":"<p>Obtain real-time updates on incident operations.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","updates"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The starting poin from which to begin consuming records. Defaults to the earliest record if omitted.</p>\n","type":"text/plain"},"key":"offset","value":"<n>"},{"disabled":true,"description":{"content":"<p>Number of elements that will be retrieved in a single request.</p>\n","type":"text/plain"},"key":"items","value":"<n>"},{"disabled":true,"description":{"content":"<p>The maximum duration (in seconds) the server will wait to accumulate records before returning a response.</p>\n","type":"text/plain"},"key":"time","value":"<n>"}],"variable":[]}},"response":[{"id":"049d8b1b-a957-4b8d-a8de-1e95d3cc69bf","name":"Consult incidents updates","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/secops/incidents/updates?key={{authorization_secret_-_uuid}}","protocol":"https","host":["defender","lumu","io"],"path":["api","secops","incidents","updates"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"offset","value":"<n>","description":"The starting poin from which to begin consuming records. Defaults to the earliest record if omitted.","type":"text","disabled":true},{"key":"items","value":"<n>","description":"Number of elements that will be retrieved in a single request.","type":"text","disabled":true},{"key":"time","value":"<n>","description":"The maximum duration (in seconds) the server will wait to accumulate records before returning a response.","type":"text","disabled":true}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"updates\": [\n        {\n            \"IncidentMarkedAsRead\": {\n                \"companyId\": \"abe6e0e3-f53a-4961-bf37-5ce4a51255d0\",\n                \"incidentId\": \"22a03a30-18d6-11f1-a435-bbbe6676a63e\",\n                \"incident\": {\n                    \"id\": \"22a03a30-18d6-11f1-a435-bbbe6676a63e\",\n                    \"timestamp\": \"2026-03-05T20:59:00.819Z\",\n                    \"status\": \"open\",\n                    \"statusTimestamp\": \"2026-03-05T20:59:00.819Z\",\n                    \"incidentGroupingFields\": {\n                        \"adversary\": \"www.casaducale.it\"\n                    },\n                    \"detectorType\": \"activity\",\n                    \"incidentType\": \"malicious-infrastructure\",\n                    \"totalEvents\": 1,\n                    \"firstEvent\": {\n                        \"timestamp\": \"2026-03-05T09:15:51.125Z\",\n                        \"id\": \"e79bd050-1873-11f1-96c4-9308f78bb03d\"\n                    },\n                    \"lastEvent\": {\n                        \"timestamp\": \"2026-03-05T09:15:51.125Z\",\n                        \"id\": \"e79bd050-1873-11f1-96c4-9308f78bb03d\"\n                    },\n                    \"adversaryTypes\": [\n                        \"Phishing\"\n                    ],\n                    \"description\": \"Phishing domain\",\n                    \"environmentStats\": [\n                        {\n                            \"environment\": {\n                                \"id\": \"13\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 1\n                        }\n                    ],\n                    \"counts\": {\n                        \"endpointTargetsCount\": 1,\n                        \"userTargetsCount\": 0,\n                        \"otherTargetsCount\": 0,\n                        \"totalTargetsCount\": 1,\n                        \"offendersCount\": 1\n                    },\n                    \"offendersSamples\": [\n                        {\n                            \"_id\": \"www.casaducale.it\",\n                            \"type\": \"network-location\",\n                            \"value\": \"www.casaducale.it\"\n                        }\n                    ],\n                    \"targetsSamples\": [\n                        {\n                            \"_id\": \"Acme Gateway|13\",\n                            \"type\": \"network-endpoint\",\n                            \"label\": \"13\",\n                            \"name\": \"Acme Gateway\",\n                            \"endpoint_ip\": \"190.27.75.165\"\n                        }\n                    ],\n                    \"isUnread\": false,\n                    \"hasPlaybackEvents\": false,\n                    \"autopilotOperation\": null,\n                    \"integrationsThatResponded\": [],\n                    \"builtInResponseTypes\": [],\n                    \"accumulators\": [\n                        {\n                            \"type\": \"int_accumulator\",\n                            \"key\": \"4|20\",\n                            \"value\": 1\n                        }\n                    ],\n                    \"eventsGroupingsCount\": 1\n                }\n            }\n        },\n        {\n            \"IncidentAssigned\": {\n                \"companyId\": \"abe6e0e3-f53a-4961-bf37-5ce4a51255d0\",\n                \"msgId\": \"416ce6c0-18d6-11f1-a435-bbbe6676a63e\",\n                \"incidentId\": \"22a03a30-18d6-11f1-a435-bbbe6676a63e\",\n                \"payload\": {\n                    \"comment\": \"working\"\n                },\n                \"incident\": {\n                    \"id\": \"22a03a30-18d6-11f1-a435-bbbe6676a63e\",\n                    \"timestamp\": \"2026-03-05T20:59:00.819Z\",\n                    \"status\": \"open\",\n                    \"statusTimestamp\": \"2026-03-05T20:59:00.819Z\",\n                    \"incidentGroupingFields\": {\n                        \"adversary\": \"www.casaducale.it\"\n                    },\n                    \"detectorType\": \"activity\",\n                    \"incidentType\": \"malicious-infrastructure\",\n                    \"totalEvents\": 1,\n                    \"firstEvent\": {\n                        \"timestamp\": \"2026-03-05T09:15:51.125Z\",\n                        \"id\": \"e79bd050-1873-11f1-96c4-9308f78bb03d\"\n                    },\n                    \"lastEvent\": {\n                        \"timestamp\": \"2026-03-05T09:15:51.125Z\",\n                        \"id\": \"e79bd050-1873-11f1-96c4-9308f78bb03d\"\n                    },\n                    \"adversaryTypes\": [\n                        \"Phishing\"\n                    ],\n                    \"description\": \"Phishing domain\",\n                    \"environmentStats\": [\n                        {\n                            \"environment\": {\n                                \"id\": \"13\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 1\n                        }\n                    ],\n                    \"counts\": {\n                        \"endpointTargetsCount\": 1,\n                        \"userTargetsCount\": 0,\n                        \"otherTargetsCount\": 0,\n                        \"totalTargetsCount\": 1,\n                        \"offendersCount\": 1\n                    },\n                    \"offendersSamples\": [\n                        {\n                            \"_id\": \"www.casaducale.it\",\n                            \"type\": \"network-location\",\n                            \"value\": \"www.casaducale.it\"\n                        }\n                    ],\n                    \"targetsSamples\": [\n                        {\n                            \"_id\": \"Acme Gateway|13\",\n                            \"type\": \"network-endpoint\",\n                            \"label\": \"13\",\n                            \"name\": \"Acme Gateway\",\n                            \"endpoint_ip\": \"190.27.75.165\"\n                        }\n                    ],\n                    \"unread\": false,\n                    \"hasPlaybackEvents\": false,\n                    \"lastAssignee\": 1,\n                    \"autopilotOperation\": null,\n                    \"integrationsThatResponded\": [],\n                    \"builtInResponseTypes\": [],\n                    \"accumulators\": [\n                        {\n                            \"type\": \"int_accumulator\",\n                            \"key\": \"4|20\",\n                            \"value\": 1\n                        }\n                    ],\n                    \"eventsGroupingsCount\": 1\n                },\n                \"assigner\": 1,\n                \"assignee\": 1\n            }\n        },\n        {\n            \"OpenIncidentStatsUpdated\": {\n                \"companyId\": \"abe6e0e3-f53a-4961-bf37-5ce4a51255d0\",\n                \"stats\": {\n                    \"openIncidents\": 20,\n                    \"inProgressIncidents\": 4,\n                    \"automaticallyResponded\": 0,\n                    \"assignedToAutopilot\": 0,\n                    \"escalatedByAutopilot\": 0,\n                    \"totalEvents\": 317,\n                    \"typeDistribution\": {\n                        \"DGA\": 1,\n                        \"C2C\": 3,\n                        \"Login Brute Force\": 1,\n                        \"Spam\": 1,\n                        \"Network Brute Force\": 2,\n                        \"Malware\": 4,\n                        \"Unusual Login\": 1,\n                        \"Network Scan\": 1,\n                        \"Mining\": 2,\n                        \"Anonymizer\": 2,\n                        \"Phishing\": 2\n                    },\n                    \"environmentStats\": [\n                        {\n                            \"environment\": {\n                                \"id\": \"13\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 2\n                        },\n                        {\n                            \"environment\": {\n                                \"id\": \"4\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 0\n                        },\n                        {\n                            \"environment\": {\n                                \"id\": \"testJor.lumu\",\n                                \"type\": \"active-directory\"\n                            },\n                            \"count\": 1\n                        },\n                        {\n                            \"environment\": {\n                                \"id\": \"0\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 0\n                        },\n                        {\n                            \"environment\": {\n                                \"id\": \"2\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 1\n                        }\n                    ],\n                    \"affectedEndpoints\": 105,\n                    \"affectedUsers\": 2,\n                    \"otherAffectedEntities\": 0\n                }\n            }\n        },\n        {\n            \"IncidentCommentAdded\": {\n                \"companyId\": \"abe6e0e3-f53a-4961-bf37-5ce4a51255d0\",\n                \"msgId\": \"451fb590-18d6-11f1-a435-bbbe6676a63e\",\n                \"incidentId\": \"22a03a30-18d6-11f1-a435-bbbe6676a63e\",\n                \"payload\": {\n                    \"comment\": \"Commenting\"\n                },\n                \"incident\": {\n                    \"id\": \"22a03a30-18d6-11f1-a435-bbbe6676a63e\",\n                    \"timestamp\": \"2026-03-05T20:59:00.819Z\",\n                    \"status\": \"open\",\n                    \"statusTimestamp\": \"2026-03-05T20:59:00.819Z\",\n                    \"incidentGroupingFields\": {\n                        \"adversary\": \"www.casaducale.it\"\n                    },\n                    \"detectorType\": \"activity\",\n                    \"incidentType\": \"malicious-infrastructure\",\n                    \"totalEvents\": 1,\n                    \"firstEvent\": {\n                        \"timestamp\": \"2026-03-05T09:15:51.125Z\",\n                        \"id\": \"e79bd050-1873-11f1-96c4-9308f78bb03d\"\n                    },\n                    \"lastEvent\": {\n                        \"timestamp\": \"2026-03-05T09:15:51.125Z\",\n                        \"id\": \"e79bd050-1873-11f1-96c4-9308f78bb03d\"\n                    },\n                    \"adversaryTypes\": [\n                        \"Phishing\"\n                    ],\n                    \"description\": \"Phishing domain\",\n                    \"environmentStats\": [\n                        {\n                            \"environment\": {\n                                \"id\": \"13\",\n                                \"type\": \"network-label\"\n                            },\n                            \"count\": 1\n                        }\n                    ],\n                    \"counts\": {\n                        \"endpointTargetsCount\": 1,\n                        \"userTargetsCount\": 0,\n                        \"otherTargetsCount\": 0,\n                        \"totalTargetsCount\": 1,\n                        \"offendersCount\": 1\n                    },\n                    \"offendersSamples\": [\n                        {\n                            \"_id\": \"www.casaducale.it\",\n                            \"type\": \"network-location\",\n                            \"value\": \"www.casaducale.it\"\n                        }\n                    ],\n                    \"targetsSamples\": [\n                        {\n                            \"_id\": \"Acme Gateway|13\",\n                            \"type\": \"network-endpoint\",\n                            \"label\": \"13\",\n                            \"name\": \"Acme Gateway\",\n                            \"endpoint_ip\": \"190.27.75.165\"\n                        }\n                    ],\n                    \"unread\": false,\n                    \"hasPlaybackEvents\": false,\n                    \"lastAssignee\": 1,\n                    \"autopilotOperation\": null,\n                    \"integrationsThatResponded\": [],\n                    \"builtInResponseTypes\": [],\n                    \"accumulators\": [\n                        {\n                            \"type\": \"int_accumulator\",\n                            \"key\": \"4|20\",\n                            \"value\": 1\n                        }\n                    ],\n                    \"eventsGroupingsCount\": 1\n                },\n                \"userId\": 1\n            }\n        }\n    ],\n    \"offset\": 1276\n}"}],"_postman_id":"00dc6923-ce82-44b2-8dfb-04edb6d09c8c"},{"name":"Get security event details","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"aa71a892-b64b-43e6-98d9-7101178d8f76"}}],"id":"7ba3cb27-0e70-42f4-8813-a2007cbb49b8","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"sort\": \"\", // Optional. Order of the data within the file, It can be ordered as \"asc\" or \"desc\". If not specified, \"desc\" will be used as default.\r\n  \"hints\": [] // Optional. An opaque object used to optimize result pagination. It can be a string, array, or JSON object\r\n} ","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incident_id>/security-events/<event_id>/details?key=&page=<n>&items=<n>","description":"<p>Retrieve the raw data of a specific event group within an incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incident_id>","security-events","<event_id>","details"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"9240e042-ba61-4a5e-8c80-b01d341f35a2","name":"Get security event details","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"sort\": \"asc\" // Optional. Order of the data within the file, It can be ordered as \"asc\" or \"desc\". If not specified, \"desc\" will be used as default.\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/secops/incidents/40f1b840-068b-11f1-9808-7da957a4189e/security-events/8f357340-1c8c-11f1-901e-3d1e28da23e4/details?key={{authorization_secret_-_uuid}}&page=1&items=10","protocol":"https","host":["defender","lumu","io"],"path":["secops","incidents","40f1b840-068b-11f1-9808-7da957a4189e","security-events","8f357340-1c8c-11f1-901e-3d1e28da23e4","details"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"10","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[{"expires":"Invalid Date","domain":"","path":""}],"responseTime":null,"body":"{\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 10,\n        \"next\": 2,\n        \"hints\": \"0000b8e28686c9601339d4b9ad3d15c30055\"\n    },\n    \"response_timestamp\": \"2026-06-18T13:44:59.034Z\",\n    \"summary\": {\n        \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\n        \"event_id\": \"dcfb6940-6502-11f1-a5ae-2eff16f18868\",\n        \"timestamp\": \"2026-06-10T19:30:39.700Z\",\n        \"detector_type\": \"network-access-abuse-detector\",\n        \"event_type\": \"network-brute-force\",\n        \"event_description\": \"Potential brute-force activity or protocol abuse.\",\n        \"source_type\": \"custom_collector\",\n        \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\n        \"adversary_types\": [\n            \"Network Brute Force\"\n        ],\n        \"incident_grouping_fields\": {\n            \"src_ip\": \"192.168.59.235\",\n            \"src_label\": \"0\"\n        },\n        \"events_grouping_fields\": {\n            \"transport_protocol\": \"tcp\",\n            \"port\": 3389,\n            \"dest_ip\": \"10.10.40.5\",\n            \"dest_label\": \"0\",\n            \"service\": \"rdp\"\n        },\n        \"affected_environments\": [\n            {\n                \"type\": \"network-label\",\n                \"id\": \"0\"\n            }\n        ],\n        \"targets\": [\n            {\n                \"type\": \"network-endpoint\",\n                \"name\": \"10.10.40.5\",\n                \"endpoint_ip\": \"10.10.40.5\",\n                \"label\": \"0\"\n            }\n        ],\n        \"offenders\": [\n            {\n                \"type\": \"network-endpoint\",\n                \"name\": \"192.168.59.235\",\n                \"endpoint_ip\": \"192.168.59.235\",\n                \"label\": \"0\"\n            }\n        ],\n        \"from_playback\": false\n    },\n    \"items\": [\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        },\n        {\n            \"entry\": {\n                \"timestamp\": \"2026-06-10T19:30:59.100Z\",\n                \"protocol\": \"tcp\",\n                \"time_taken\": 89841,\n                \"ip_version\": 4,\n                \"final\": false,\n                \"end_reason\": 1,\n                \"source\": {\n                    \"ip\": \"192.168.59.235\",\n                    \"port\": 61524\n                },\n                \"destination\": {\n                    \"ip\": \"10.10.40.5\",\n                    \"port\": 3389\n                },\n                \"sent\": {\n                    \"bytes\": 4150,\n                    \"packets\": 27\n                },\n                \"received\": null\n            },\n            \"label\": \"0\",\n            \"destinationLabel\": \"0\"\n        }\n    ]\n}"}],"_postman_id":"7ba3cb27-0e70-42f4-8813-a2007cbb49b8"},{"name":"Get incident security events details","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"bf196792-e968-4fdf-9901-99e862c98604"}}],"id":"985fa7ac-a86e-4607-81da-f0bd6f6b0d21","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"events_grouping_id\": [\"events_grouping_id\"], // Optional. Unique identifier used to organize events within an incident into meaningful collections (e.g., by endpoint or user)\r\n  \"episode_id\": [\"episode_id\"], // Optional. Unique a identifier of  a single ocurrance of malicious behavior within an incident. \r\n  \"sort\": \"\", // Optional. Order of the data within the file, It can be ordered as \"asc\" or \"desc\". If not specified, \"desc\" will be used as default.\r\n  \"hints\": [] // Optional. An opaque object used to optimize result pagination. It can be a string, array, or JSON object\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incident_id>/security-events/details?key=&page=<n>&items=<n>","description":"<p>Retrieve the raw data of all event groups within an incident.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incident_id>","security-events","details"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"4305ba7b-d7cd-498d-a58d-7456c98db5e7","name":"Get incident security events details","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"events_grouping_id\": [], // Optional. Unique identifier used to organize events within an incident into meaningful collections (e.g., by endpoint or user)\r\n  \"episode_id\": [], // Optional. Unique a identifier of  a single ocurrance of malicious behavior within an incident. \r\n  \"sort\": \"asc\" // Optional. Order of the data within the file, It can be ordered as \"asc\" or \"desc\". If not specified, \"desc\" will be used as default.\r\n}\r\n","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/secops/incidents/28bfe330-fd5f-11f0-bcb7-57f3fdca792c/security-events/details?key={{authorization_secret_-_uuid}}&page=1&items=3","protocol":"https","host":["defender","lumu","io"],"path":["secops","incidents","28bfe330-fd5f-11f0-bcb7-57f3fdca792c","security-events","details"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"3","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[],"responseTime":null,"body":"{\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 3\n    },\n    \"response_timestamp\": \"2026-06-18T13:45:31.311Z\",\n    \"items\": [\n        {\n            \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\n            \"event_id\": \"dcfb6940-6502-11f1-a5ae-2eff16f18868\",\n            \"timestamp\": \"2026-06-10T19:30:39.700Z\",\n            \"detector_type\": \"network-access-abuse-detector\",\n            \"event_type\": \"network-brute-force\",\n            \"event_description\": \"Potential brute-force activity or protocol abuse.\",\n            \"source_type\": \"custom_collector\",\n            \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\n            \"adversary_types\": [\n                \"Network Brute Force\"\n            ],\n            \"incident_grouping_fields\": {\n                \"src_ip\": \"192.168.59.235\",\n                \"src_label\": \"0\"\n            },\n            \"events_grouping_fields\": {\n                \"transport_protocol\": \"tcp\",\n                \"port\": 3389,\n                \"dest_ip\": \"10.10.40.5\",\n                \"dest_label\": \"0\",\n                \"service\": \"rdp\"\n            },\n            \"affected_environments\": [\n                {\n                    \"type\": \"network-label\",\n                    \"id\": \"0\"\n                }\n            ],\n            \"targets\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"10.10.40.5\",\n                    \"endpoint_ip\": \"10.10.40.5\",\n                    \"label\": \"0\"\n                }\n            ],\n            \"offenders\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.59.235\",\n                    \"endpoint_ip\": \"192.168.59.235\",\n                    \"label\": \"0\"\n                }\n            ],\n            \"from_playback\": false,\n            \"raw_data\": {\n                \"record_count\": 334,\n                \"first_record_timestamp\": \"2026-06-10T19:30:39.720Z\",\n                \"last_record_timestamp\": \"2026-06-10T19:30:59.700Z\",\n                \"first_record\": {\n                    \"entry\": {\n                        \"timestamp\": \"2026-06-10T19:30:39.720Z\",\n                        \"protocol\": \"tcp\",\n                        \"time_taken\": 89781,\n                        \"ip_version\": 4,\n                        \"final\": false,\n                        \"end_reason\": 1,\n                        \"source\": {\n                            \"ip\": \"192.168.59.235\",\n                            \"port\": 55523\n                        },\n                        \"destination\": {\n                            \"ip\": \"10.10.40.5\",\n                            \"port\": 3389\n                        },\n                        \"sent\": {\n                            \"bytes\": 4150,\n                            \"packets\": 27\n                        },\n                        \"received\": {\n                            \"bytes\": 4143,\n                            \"packets\": 27\n                        }\n                    },\n                    \"label\": \"0\",\n                    \"destinationLabel\": \"0\"\n                },\n                \"last_record\": {\n                    \"entry\": {\n                        \"timestamp\": \"2026-06-10T19:30:59.700Z\",\n                        \"protocol\": \"tcp\",\n                        \"time_taken\": 89728,\n                        \"ip_version\": 4,\n                        \"final\": false,\n                        \"end_reason\": 1,\n                        \"source\": {\n                            \"ip\": \"192.168.59.235\",\n                            \"port\": 32725\n                        },\n                        \"destination\": {\n                            \"ip\": \"10.10.40.5\",\n                            \"port\": 3389\n                        },\n                        \"sent\": {\n                            \"bytes\": 4146,\n                            \"packets\": 27\n                        },\n                        \"received\": {\n                            \"bytes\": 4147,\n                            \"packets\": 27\n                        }\n                    },\n                    \"label\": \"0\",\n                    \"destinationLabel\": \"0\"\n                }\n            }\n        },\n        {\n            \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\n            \"event_id\": \"d10fa740-6502-11f1-a5ae-2eff16f18868\",\n            \"timestamp\": \"2026-06-10T19:30:19.700Z\",\n            \"detector_type\": \"network-access-abuse-detector\",\n            \"event_type\": \"network-brute-force\",\n            \"event_description\": \"Potential brute-force activity or protocol abuse.\",\n            \"source_type\": \"custom_collector\",\n            \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\n            \"adversary_types\": [\n                \"Network Brute Force\"\n            ],\n            \"incident_grouping_fields\": {\n                \"src_ip\": \"192.168.59.235\",\n                \"src_label\": \"0\"\n            },\n            \"events_grouping_fields\": {\n                \"transport_protocol\": \"tcp\",\n                \"port\": 3389,\n                \"dest_ip\": \"10.10.40.5\",\n                \"dest_label\": \"0\",\n                \"service\": \"rdp\"\n            },\n            \"affected_environments\": [\n                {\n                    \"type\": \"network-label\",\n                    \"id\": \"0\"\n                }\n            ],\n            \"targets\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"10.10.40.5\",\n                    \"endpoint_ip\": \"10.10.40.5\",\n                    \"label\": \"0\"\n                }\n            ],\n            \"offenders\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.59.235\",\n                    \"endpoint_ip\": \"192.168.59.235\",\n                    \"label\": \"0\"\n                }\n            ],\n            \"from_playback\": false,\n            \"raw_data\": {\n                \"record_count\": 333,\n                \"first_record_timestamp\": \"2026-06-10T19:30:19.740Z\",\n                \"last_record_timestamp\": \"2026-06-10T19:30:39.660Z\",\n                \"first_record\": {\n                    \"entry\": {\n                        \"timestamp\": \"2026-06-10T19:30:19.740Z\",\n                        \"protocol\": \"tcp\",\n                        \"time_taken\": 89523,\n                        \"ip_version\": 4,\n                        \"final\": false,\n                        \"end_reason\": 1,\n                        \"source\": {\n                            \"ip\": \"192.168.59.235\",\n                            \"port\": 55082\n                        },\n                        \"destination\": {\n                            \"ip\": \"10.10.40.5\",\n                            \"port\": 3389\n                        },\n                        \"sent\": {\n                            \"bytes\": 4145,\n                            \"packets\": 27\n                        },\n                        \"received\": {\n                            \"bytes\": 4143,\n                            \"packets\": 27\n                        }\n                    },\n                    \"label\": \"0\",\n                    \"destinationLabel\": \"0\"\n                },\n                \"last_record\": {\n                    \"entry\": {\n                        \"timestamp\": \"2026-06-10T19:30:39.660Z\",\n                        \"protocol\": \"tcp\",\n                        \"time_taken\": 89739,\n                        \"ip_version\": 4,\n                        \"final\": false,\n                        \"end_reason\": 1,\n                        \"source\": {\n                            \"ip\": \"192.168.59.235\",\n                            \"port\": 52602\n                        },\n                        \"destination\": {\n                            \"ip\": \"10.10.40.5\",\n                            \"port\": 3389\n                        },\n                        \"sent\": {\n                            \"bytes\": 4148,\n                            \"packets\": 27\n                        },\n                        \"received\": {\n                            \"bytes\": 4151,\n                            \"packets\": 27\n                        }\n                    },\n                    \"label\": \"0\",\n                    \"destinationLabel\": \"0\"\n                }\n            }\n        },\n        {\n            \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\n            \"event_id\": \"c523e540-6502-11f1-a5ae-2eff16f18868\",\n            \"timestamp\": \"2026-06-10T19:29:59.700Z\",\n            \"detector_type\": \"network-access-abuse-detector\",\n            \"event_type\": \"network-brute-force\",\n            \"event_description\": \"Potential brute-force activity or protocol abuse.\",\n            \"source_type\": \"custom_collector\",\n            \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\n            \"adversary_types\": [\n                \"Network Brute Force\"\n            ],\n            \"incident_grouping_fields\": {\n                \"src_ip\": \"192.168.59.235\",\n                \"src_label\": \"0\"\n            },\n            \"events_grouping_fields\": {\n                \"transport_protocol\": \"tcp\",\n                \"port\": 3389,\n                \"dest_ip\": \"10.10.40.5\",\n                \"dest_label\": \"0\",\n                \"service\": \"rdp\"\n            },\n            \"affected_environments\": [\n                {\n                    \"type\": \"network-label\",\n                    \"id\": \"0\"\n                }\n            ],\n            \"targets\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"10.10.40.5\",\n                    \"endpoint_ip\": \"10.10.40.5\",\n                    \"label\": \"0\"\n                }\n            ],\n            \"offenders\": [\n                {\n                    \"type\": \"network-endpoint\",\n                    \"name\": \"192.168.59.235\",\n                    \"endpoint_ip\": \"192.168.59.235\",\n                    \"label\": \"0\"\n                }\n            ],\n            \"from_playback\": false,\n            \"raw_data\": {\n                \"record_count\": 329,\n                \"first_record_timestamp\": \"2026-06-10T19:30:00Z\",\n                \"last_record_timestamp\": \"2026-06-10T19:30:19.680Z\",\n                \"first_record\": {\n                    \"entry\": {\n                        \"timestamp\": \"2026-06-10T19:30:00.000Z\",\n                        \"protocol\": \"tcp\",\n                        \"time_taken\": 89695,\n                        \"ip_version\": 4,\n                        \"final\": false,\n                        \"end_reason\": 1,\n                        \"source\": {\n                            \"ip\": \"192.168.59.235\",\n                            \"port\": 58236\n                        },\n                        \"destination\": {\n                            \"ip\": \"10.10.40.5\",\n                            \"port\": 3389\n                        },\n                        \"sent\": {\n                            \"bytes\": 4153,\n                            \"packets\": 27\n                        },\n                        \"received\": null\n                    },\n                    \"label\": \"0\",\n                    \"destinationLabel\": \"0\"\n                },\n                \"last_record\": {\n                    \"entry\": {\n                        \"timestamp\": \"2026-06-10T19:30:19.680Z\",\n                        \"protocol\": \"tcp\",\n                        \"time_taken\": 89648,\n                        \"ip_version\": 4,\n                        \"final\": false,\n                        \"end_reason\": 1,\n                        \"source\": {\n                            \"ip\": \"192.168.59.235\",\n                            \"port\": 28018\n                        },\n                        \"destination\": {\n                            \"ip\": \"10.10.40.5\",\n                            \"port\": 3389\n                        },\n                        \"sent\": {\n                            \"bytes\": 4154,\n                            \"packets\": 27\n                        },\n                        \"received\": {\n                            \"bytes\": 4141,\n                            \"packets\": 27\n                        }\n                    },\n                    \"label\": \"0\",\n                    \"destinationLabel\": \"0\"\n                }\n            }\n        }\n    ]\n}"}],"_postman_id":"985fa7ac-a86e-4607-81da-f0bd6f6b0d21"},{"name":"Export security event details","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"6670441b-2216-4ca8-a241-b225f7e4fb64"}}],"id":"1b60f729-d36e-46b2-8c40-8dc6ca4f22e3","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incident_id>/security-events/<event_id>/details/export?key=&limit=<n>&file_name=<filename>&format=<csv|jsonl>&sort=<asc|desc>","description":"<p>Export the raw data of a specific event group within an incident into a csv or json file.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incident_id>","security-events","<event_id>","details","export"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"description":{"content":"<p>The maximum number of records to include in the generated file</p>\n","type":"text/plain"},"key":"limit","value":"<n>"},{"description":{"content":"<p>The desired name for the generated output file</p>\n","type":"text/plain"},"key":"file_name","value":"<filename>"},{"description":{"content":"<p>The file format for the export. Supported values: csv (Comma Separated Values) or jsonl (JSON Lines).</p>\n","type":"text/plain"},"key":"format","value":"<csv|jsonl>"},{"description":{"content":"<p>Order of the data within the file. If not specified, desc will be used as default. </p>\n","type":"text/plain"},"key":"sort","value":"<asc|desc>"}],"variable":[]}},"response":[{"id":"459eb2c6-e031-4809-8629-1ab72a6231f2","name":"Export security event details","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/secops/incidents/28bfe330-fd5f-11f0-bcb7-57f3fdca792c/security-events/<event_id>/details/export?key={{authorization_secret_-_uuid}}&file_name=test&format=jsnl&sort=desc","protocol":"https","host":["defender","lumu","io"],"path":["secops","incidents","28bfe330-fd5f-11f0-bcb7-57f3fdca792c","security-events","<event_id>","details","export"],"query":[{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"limit","value":"10","description":"The maximum number of records to include in the generated file","disabled":true},{"key":"file_name","value":"test","description":"The desired name for the generated output file"},{"key":"format","value":"jsnl","description":"The file format for the export. Supported values: csv (Comma Separated Values) or jsonl (JSON Lines)."},{"key":"sort","value":"desc","description":"Order of the data within the file. If not specified, desc will be used as default. "}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[],"responseTime":null,"body":"    {\r\n        \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\r\n        \"event_id\": \"dcfb6940-6502-11f1-a5ae-2eff16f18868\",\r\n        \"timestamp\": \"2026-06-10T19:30:39.700000\",\r\n        \"detector_type\": \"network-access-abuse-detector\",\r\n        \"event_type\": \"network-brute-force\",\r\n        \"event_description\": \"Potential brute-force activity or protocol abuse.\",\r\n        \"source_type\": \"custom_collector\",\r\n        \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\r\n        \"from_playback\": false,\r\n        \"adversary_types\": [\r\n            \"Network Brute Force\"\r\n        ],\r\n        \"incident_grouping_fields\": {\r\n            \"src_ip\": \"192.168.59.235\",\r\n            \"src_label\": \"0\"\r\n        },\r\n        \"events_grouping_fields\": {\r\n            \"transport_protocol\": \"tcp\",\r\n            \"port\": 3389,\r\n            \"dest_ip\": \"10.10.40.5\",\r\n            \"dest_label\": \"0\",\r\n            \"service\": \"rdp\"\r\n        },\r\n        \"raw_data\": [\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.700000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.700000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89728,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 32725\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.640000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.640000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89398,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26454\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.580000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.580000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89817,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43852\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.520000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.520000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89663,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 14128\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.460000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.460000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89631,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20953\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.400000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.400000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89168,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 64812\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.340000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.340000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89921,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 64087\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.280000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.280000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89302,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13094\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.220000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.220000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89447,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60086\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.160000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.160000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89043,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 47469\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.100000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.100000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89841,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 61524\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:59.040000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:59.040000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89021,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39659\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.980000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.980000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89464,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20943\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.920000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.920000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89727,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26880\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.860000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.860000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89700,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 23241\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.800000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.800000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89880,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 38744\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.740000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.740000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89133,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 59400\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.680000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.680000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89875,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44595\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.620000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.620000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89391,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 56856\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.560000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.560000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89098,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 35863\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.500000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.500000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89573,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 40709\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.440000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.440000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89320,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 29011\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.380000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.380000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89334,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 36210\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.320000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.320000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89377,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60723\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.260000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.260000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89989,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26604\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.200000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.200000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89614,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 63105\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.140000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.140000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89009,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48292\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.080000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.080000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89744,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26229\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:58.020000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:58.020000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89425,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43474\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.960000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.960000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89844,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 15236\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.900000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.900000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89167,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 15528\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.840000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.840000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89190,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 30252\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.780000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.780000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89720,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 10219\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.720000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.720000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89151,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58185\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.660000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.660000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89424,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 64040\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.600000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.600000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89735,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 59364\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.540000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.540000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89689,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25559\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.480000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.480000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89817,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54153\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.420000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.420000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89807,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 55408\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.360000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.360000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89373,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 12214\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.300000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.300000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89447,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48146\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.240000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.240000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89722,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54412\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.180000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.180000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89452,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 27186\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.120000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.120000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89764,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 31148\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57.060000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57.060000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89527,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 10756\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:57\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:57Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89114,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58227\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.940000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.940000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89296,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 35277\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.880000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.880000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89545,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13636\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.820000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.820000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89369,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20540\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.760000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.760000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89044,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 64875\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.700000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.700000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89372,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34351\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.640000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.640000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89564,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 41455\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.580000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.580000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89594,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44870\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.520000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.520000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89136,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 36864\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.460000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.460000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89689,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43687\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.400000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.400000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89836,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13862\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.340000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.340000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89941,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54087\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.280000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.280000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89663,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 45040\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.220000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.220000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89431,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 57499\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.160000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.160000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89651,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34738\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.100000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.100000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89010,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39970\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:56.040000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:56.040000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89009,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54293\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.980000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.980000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89535,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 24340\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.920000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.920000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89615,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26795\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.860000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.860000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89472,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 36294\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.800000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.800000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89817,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 23619\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.740000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.740000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89702,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20596\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.680000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.680000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89496,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 46420\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.620000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.620000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89500,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 57347\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.560000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.560000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89696,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 46468\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.500000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.500000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89248,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 19447\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.440000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.440000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89745,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17431\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.380000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.380000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89190,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 62839\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.320000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.320000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89099,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 52734\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.260000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.260000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89849,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 51645\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.200000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.200000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89118,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 59241\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.140000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.140000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89069,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26255\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.080000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.080000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89815,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 19711\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:55.020000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:55.020000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89668,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28085\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.960000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.960000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89180,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43248\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.900000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.900000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89967,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54134\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.840000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.840000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89239,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22179\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.780000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.780000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89547,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58150\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.720000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.720000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89494,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60265\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.660000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.660000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89196,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42287\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.600000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.600000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89851,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44801\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.540000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.540000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89621,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60815\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.480000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.480000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89775,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 29635\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.420000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.420000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89275,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 47809\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.360000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.360000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89377,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 11836\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.300000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.300000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89064,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 53445\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.240000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.240000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89825,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 33690\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.180000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.180000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89812,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43940\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.120000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.120000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89424,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60432\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54.060000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54.060000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89669,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 55262\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:54\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:54Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89010,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34596\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:53.940000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:53.940000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89954,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 40835\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:53.880000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:53.880000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89015,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 18497\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:53.820000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:53.820000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89110,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 27955\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:53.760000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:53.760000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89945,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39695\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            }\r\n        ]\r\n    }\r\n    {\r\n        \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\r\n        \"event_id\": \"d10fa740-6502-11f1-a5ae-2eff16f18868\",\r\n        \"timestamp\": \"2026-06-10T19:30:19.700000\",\r\n        \"detector_type\": \"network-access-abuse-detector\",\r\n        \"event_type\": \"network-brute-force\",\r\n        \"event_description\": \"Potential brute-force activity or protocol abuse.\",\r\n        \"source_type\": \"custom_collector\",\r\n        \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\r\n        \"from_playback\": false,\r\n        \"adversary_types\": [\r\n            \"Network Brute Force\"\r\n        ],\r\n        \"incident_grouping_fields\": {\r\n            \"src_ip\": \"192.168.59.235\",\r\n            \"src_label\": \"0\"\r\n        },\r\n        \"events_grouping_fields\": {\r\n            \"transport_protocol\": \"tcp\",\r\n            \"port\": 3389,\r\n            \"dest_ip\": \"10.10.40.5\",\r\n            \"dest_label\": \"0\",\r\n            \"service\": \"rdp\"\r\n        },\r\n        \"raw_data\": [\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.660000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.660000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89739,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 52602\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.600000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.600000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89274,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 11627\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.540000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.540000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89049,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 52587\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.480000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.480000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89759,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58876\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.420000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.420000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89652,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 23490\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.360000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.360000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89523,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 10660\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.300000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.300000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89073,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39613\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.240000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.240000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89473,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28621\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.180000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.180000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89541,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 40111\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.120000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.120000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89282,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 61529\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39.060000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39.060000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89268,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13922\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:39\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:39Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89636,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 59567\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.940000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.940000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89190,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 59349\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.880000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.880000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89865,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25815\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.820000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.820000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89349,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28574\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.760000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.760000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89609,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26501\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.700000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.700000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89596,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 49993\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.640000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.640000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89400,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 33359\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.580000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.580000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89216,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 30084\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.520000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.520000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89062,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 46811\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.460000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.460000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89598,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43486\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.400000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.400000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89087,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13003\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.340000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.340000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89602,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20775\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.280000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.280000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89146,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13676\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.220000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.220000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89613,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54615\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.160000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.160000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89132,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 10118\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.100000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.100000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89115,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 57805\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:38.040000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:38.040000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89619,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 10608\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.980000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.980000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89202,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39029\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.920000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.920000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89638,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48144\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.860000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.860000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89092,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 61553\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.800000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.800000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89844,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26062\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.740000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.740000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89002,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34278\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.680000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.680000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89808,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 11398\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.620000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.620000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89743,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25452\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.560000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.560000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89184,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54980\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.500000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.500000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89347,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 51344\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.440000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.440000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89977,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17133\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.380000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.380000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89919,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44778\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.320000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.320000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89216,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58600\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.260000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.260000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89842,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 40381\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.200000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.200000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89231,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44331\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.140000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.140000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89504,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 27334\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.080000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.080000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89071,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 41934\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:37.020000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:37.020000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89528,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 46641\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.960000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.960000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89411,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 35336\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.900000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.900000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89709,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22908\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.840000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.840000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89503,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 63922\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.780000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.780000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89491,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 64421\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.720000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.720000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89130,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26107\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.660000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.660000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89475,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 32326\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.600000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.600000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89873,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25308\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.540000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.540000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89310,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 52449\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.480000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.480000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89376,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 32135\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.420000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.420000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89608,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 23174\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.360000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.360000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89910,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20968\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.300000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.300000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89722,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 49766\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.240000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.240000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89258,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 40863\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.180000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.180000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89435,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17550\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.120000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.120000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89106,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 57299\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36.060000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36.060000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89826,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 51424\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:36\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:36Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89875,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 64619\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.940000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.940000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89177,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 40815\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.880000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.880000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89448,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 36775\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.820000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.820000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89611,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 61329\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.760000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.760000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89673,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43832\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.700000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.700000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89575,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 47547\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.640000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.640000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89870,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54448\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.580000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.580000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89535,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 31483\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.520000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.520000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89558,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58582\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.460000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.460000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89325,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 51193\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.400000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.400000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89066,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 38485\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.340000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.340000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89409,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 31959\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.280000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.280000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89876,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25071\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.220000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.220000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89447,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 29164\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.160000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.160000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89453,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20523\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.100000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.100000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89364,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 24334\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:35.040000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:35.040000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89862,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 45982\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.980000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.980000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89212,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25280\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.920000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.920000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89852,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 62897\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.860000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.860000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89673,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28964\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.800000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.800000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89707,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 52459\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.740000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.740000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89924,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 15367\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.680000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.680000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89083,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34327\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.620000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.620000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89179,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48804\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.560000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.560000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89746,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 10995\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.500000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.500000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89009,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42659\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.440000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.440000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89223,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 45311\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.380000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.380000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89854,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 30387\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.320000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.320000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89171,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50044\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.260000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.260000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89186,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13220\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.200000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.200000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89449,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22491\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.140000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.140000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89343,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 47261\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.080000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.080000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89258,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50855\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:34.020000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:34.020000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89961,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 45178\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:33.960000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:33.960000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89127,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50092\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:33.900000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:33.900000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89973,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25744\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:33.840000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:33.840000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89783,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22981\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:33.780000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:33.780000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89437,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43072\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:33.720000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:33.720000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89923,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58486\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            }\r\n        ]\r\n    }\r\n    {\r\n        \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\r\n        \"event_id\": \"c523e540-6502-11f1-a5ae-2eff16f18868\",\r\n        \"timestamp\": \"2026-06-10T19:29:59.700000\",\r\n        \"detector_type\": \"network-access-abuse-detector\",\r\n        \"event_type\": \"network-brute-force\",\r\n        \"event_description\": \"Potential brute-force activity or protocol abuse.\",\r\n        \"source_type\": \"custom_collector\",\r\n        \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\r\n        \"from_playback\": false,\r\n        \"adversary_types\": [\r\n            \"Network Brute Force\"\r\n        ],\r\n        \"incident_grouping_fields\": {\r\n            \"src_ip\": \"192.168.59.235\",\r\n            \"src_label\": \"0\"\r\n        },\r\n        \"events_grouping_fields\": {\r\n            \"transport_protocol\": \"tcp\",\r\n            \"port\": 3389,\r\n            \"dest_ip\": \"10.10.40.5\",\r\n            \"dest_label\": \"0\",\r\n            \"service\": \"rdp\"\r\n        },\r\n        \"raw_data\": [\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.680000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.680000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89648,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28018\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.620000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.620000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89058,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 59375\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.560000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.560000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89951,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 19021\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.500000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.500000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89441,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 41975\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.440000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.440000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89562,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 27223\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.380000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.380000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89571,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42673\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.320000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.320000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89136,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 33473\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.260000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.260000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89073,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 19747\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.200000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.200000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89342,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 13045\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.140000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.140000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89886,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 33237\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.080000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.080000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89539,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48190\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:19.020000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:19.020000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89329,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 33672\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.960000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.960000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89885,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 53482\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.900000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.900000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89081,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48323\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.840000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.840000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89148,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 32597\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.780000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.780000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89077,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44663\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.720000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.720000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89616,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 30716\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.660000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.660000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89225,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 53401\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.600000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.600000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89224,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60705\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.540000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.540000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89048,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34823\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.480000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.480000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89852,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 36383\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.420000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.420000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89630,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43297\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.360000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.360000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89590,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 38487\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.300000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.300000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89242,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39424\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.240000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.240000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89208,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 15812\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.180000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.180000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89845,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 21199\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.120000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.120000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89895,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17047\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18.060000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18.060000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89932,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 46687\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:18\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:18Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89190,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 29247\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.940000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.940000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89134,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22704\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.880000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.880000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89813,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39463\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.820000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.820000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89949,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42477\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.760000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.760000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89827,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22843\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.700000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.700000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89102,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42837\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.640000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.640000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89035,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 11691\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.580000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.580000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89503,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 14528\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.520000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.520000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89611,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50668\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.460000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.460000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89793,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42806\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.400000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.400000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89221,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 15730\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.340000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.340000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89554,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58119\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.280000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.280000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89805,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 63370\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.220000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.220000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89537,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 62425\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.160000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.160000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89835,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 24606\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.100000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.100000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89366,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 14197\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:17.040000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:17.040000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89767,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 29271\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.980000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.980000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89273,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 24286\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.920000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.920000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89411,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 25586\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.860000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.860000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89990,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54551\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.800000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.800000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89391,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 37407\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.740000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.740000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89357,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 60025\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.680000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.680000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89407,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 22117\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.620000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.620000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89399,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54956\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.560000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.560000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89673,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 63892\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.500000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.500000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89601,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 16827\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.440000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.440000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89802,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44948\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.380000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.380000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89813,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28602\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.320000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.320000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89784,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 55905\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.260000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.260000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89106,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 43913\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.200000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.200000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89685,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 35910\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.140000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.140000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89404,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 15362\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.080000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.080000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89638,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 61412\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:16.020000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:16.020000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89899,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20726\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.960000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.960000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89376,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58522\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.900000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.900000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89110,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54270\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.840000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.840000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89487,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 41978\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.780000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.780000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89313,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 42002\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.720000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.720000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89447,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 52310\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.660000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.660000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89016,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50677\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.600000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.600000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89016,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58195\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.540000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.540000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89650,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 47414\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.480000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.480000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89964,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 32039\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4152,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.420000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.420000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89467,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 24851\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.360000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.360000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89708,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 37540\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.300000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.300000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89233,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 23598\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.240000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.240000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89482,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17410\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.180000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.180000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89130,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 28286\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.120000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.120000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89970,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 55173\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15.060000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15.060000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89501,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 16581\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:15\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:15Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89597,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 14840\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.940000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.940000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89873,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 55504\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.880000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.880000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89627,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50384\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.820000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.820000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89918,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 48651\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.760000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.760000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89223,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 55811\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4144,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.700000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.700000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89922,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 26229\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.640000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.640000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89605,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 20193\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4154,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.580000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.580000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89987,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 56581\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.520000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.520000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89404,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 29992\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4151,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.460000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.460000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89196,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 44087\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.400000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.400000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89837,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 58165\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4153,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.340000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.340000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89722,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 65424\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4149,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4142,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.280000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.280000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89409,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 39043\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.220000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.220000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89064,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17455\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4145,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.160000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.160000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89572,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 56024\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4147,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.100000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.100000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89510,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 32409\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:14.040000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:14.040000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89337,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 56002\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4143,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:13.980000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:13.980000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89147,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 17451\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:13.920000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:13.920000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89989,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 50872\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4141,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:13.860000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:13.860000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89332,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 54145\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4146,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4148,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:13.800000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:13.800000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89479,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 34980\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": {\r\n                            \"bytes\": 4155,\r\n                            \"packets\": 27\r\n                        }\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            },\r\n            {\r\n                \"timestamp\": \"2026-06-10T19:30:13.740000\",\r\n                \"data\": {\r\n                    \"entry\": {\r\n                        \"timestamp\": \"2026-06-10T19:30:13.740000Z\",\r\n                        \"protocol\": \"tcp\",\r\n                        \"time_taken\": 89100,\r\n                        \"ip_version\": 4,\r\n                        \"final\": false,\r\n                        \"end_reason\": 1,\r\n                        \"source\": {\r\n                            \"ip\": \"192.168.59.235\",\r\n                            \"port\": 21034\r\n                        },\r\n                        \"destination\": {\r\n                            \"ip\": \"10.10.40.5\",\r\n                            \"port\": 3389\r\n                        },\r\n                        \"sent\": {\r\n                            \"bytes\": 4150,\r\n                            \"packets\": 27\r\n                        },\r\n                        \"received\": null\r\n                    },\r\n                    \"label\": \"0\",\r\n                    \"destinationLabel\": \"0\"\r\n                }\r\n            }\r\n        ]\r\n    }"}],"_postman_id":"1b60f729-d36e-46b2-8c40-8dc6ca4f22e3"},{"name":"Export incident security events details","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","packages":{},"requests":{},"id":"6b799f10-fdba-49f8-9f2c-d430e8a41777"}}],"id":"7559f9fd-bd27-4166-9bdc-a0c64d3e1bb3","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/secops/incidents/<incident_id>/security-events/details/export?key=&events_grouping_id=<events_grouping_id>&episode_id=<episode_id>&sort=<asc|desc>&limit=<n>&file_name=<filename>&format=<csv|jsonl>","description":"<p>Export the raw data of all event groups within an incident into a csv or json file.</p>\n","urlObject":{"protocol":"https","path":["api","secops","incidents","<incident_id>","security-events","details","export"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a>.</p>\n","type":"text/plain"},"key":"key","value":""},{"description":{"content":"<p>Optional. Unique identifier used to organize events within an incident into meaningful collections (e.g., by endpoint or user).</p>\n","type":"text/plain"},"key":"events_grouping_id","value":"<events_grouping_id>"},{"description":{"content":"<p>Optional. Unique identifier of  a single ocurrence of malicious behavior within an incident. </p>\n","type":"text/plain"},"key":"episode_id","value":"<episode_id>"},{"description":{"content":"<p>Order of the data within the file. If not specified, desc will be used as default. </p>\n","type":"text/plain"},"key":"sort","value":"<asc|desc>"},{"description":{"content":"<p>The maximum number of records to include in the generated file.</p>\n","type":"text/plain"},"key":"limit","value":"<n>"},{"description":{"content":"<p>The desired name for the generated file.</p>\n","type":"text/plain"},"key":"file_name","value":"<filename>"},{"description":{"content":"<p>The file format for the export. Supported values: csv (Comma Separated Values) or jsonl (JSON Lines).</p>\n","type":"text/plain"},"key":"format","value":"<csv|jsonl>"}],"variable":[]}},"response":[{"id":"5c24e8c4-bc7e-4a72-960a-0fa98e0ca3e5","name":"Export incident security events details","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/secops/incidents/28bfe330-fd5f-11f0-bcb7-57f3fdca792/security-events/details/export?key={{authorization_secret_-_uuid}}&sort=desc&limit=1&file_name=test&format=jsonl","protocol":"https","host":["defender","lumu","io"],"path":["secops","incidents","28bfe330-fd5f-11f0-bcb7-57f3fdca792","security-events","details","export"],"query":[{"key":"events_grouping_id","value":"<events_grouping_id>","description":"Optional. Unique identifier used to organize events within an incident into meaningful collections (e.g., by endpoint or user).","disabled":true},{"key":"episode_id","value":"<episode_id>","description":"Optional. Unique a identifier of  a single ocurrance of malicious behavior within an incident. ","disabled":true},{"key":"key","value":"{{authorization_secret_-_uuid}}","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)."},{"key":"sort","value":"desc","description":"Order of the data within the file. If not specified, desc will be used as default. "},{"key":"limit","value":"1","description":"The maximum number of records to include in the generated file."},{"key":"file_name","value":"test","description":"The desired name for the generated file."},{"key":"format","value":"jsonl","description":"The file format for the export. Supported values: csv (Comma Separated Values) or jsonl (JSON Lines)."}]}},"_postman_previewlanguage":"json","header":[{"key":"Content-Type","value":"application/json","description":"","type":"text"}],"cookie":[],"responseTime":null,"body":"{\r\n    \"company_id\": \"b321cdd2-9732-49f4-aa20-309b975ea60c\",\r\n    \"event_id\": \"d10fa740-6502-11f1-a5ae-2eff16f18868\",\r\n    \"timestamp\": \"2026-06-10T19:30:19.700000\",\r\n    \"detector_type\": \"network-access-abuse-detector\",\r\n    \"event_type\": \"network-brute-force\",\r\n    \"event_description\": \"Potential brute-force activity or protocol abuse.\",\r\n    \"source_type\": \"custom_collector\",\r\n    \"source_id\": \"8c60127d-b083-411a-ba9c-d4533589a318\",\r\n    \"from_playback\": false,\r\n    \"adversary_types\": [\r\n        \"Network Brute Force\"\r\n    ],\r\n    \"incident_grouping_fields\": {\r\n        \"src_ip\": \"192.168.59.235\",\r\n        \"src_label\": \"0\"\r\n    },\r\n    \"events_grouping_fields\": {\r\n        \"transport_protocol\": \"tcp\",\r\n        \"port\": 3389,\r\n        \"dest_ip\": \"10.10.40.5\",\r\n        \"dest_label\": \"0\",\r\n        \"service\": \"rdp\"\r\n    },\r\n    \"raw_data\": [\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.660000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.660000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89739,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 52602\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.600000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.600000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89274,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 11627\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4142,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.540000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.540000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89049,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 52587\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.480000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.480000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89759,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 58876\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.420000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.420000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89652,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 23490\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4142,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.360000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.360000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89523,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 10660\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.300000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.300000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89073,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 39613\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.240000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.240000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89473,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 28621\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.180000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.180000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89541,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 40111\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4143,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.120000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.120000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89282,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 61529\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39.060000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39.060000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89268,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 13922\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:39\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:39Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89636,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 59567\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.940000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.940000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89190,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 59349\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.880000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.880000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89865,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 25815\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.820000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.820000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89349,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 28574\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.760000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.760000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89609,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 26501\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.700000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.700000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89596,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 49993\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.640000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.640000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89400,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 33359\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.580000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.580000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89216,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 30084\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.520000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.520000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89062,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 46811\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.460000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.460000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89598,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 43486\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.400000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.400000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89087,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 13003\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.340000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.340000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89602,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 20775\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.280000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.280000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89146,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 13676\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4144,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.220000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.220000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89613,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 54615\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.160000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.160000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89132,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 10118\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4143,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.100000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.100000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89115,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 57805\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4144,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:38.040000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:38.040000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89619,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 10608\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.980000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.980000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89202,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 39029\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.920000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.920000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89638,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 48144\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.860000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.860000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89092,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 61553\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.800000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.800000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89844,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 26062\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.740000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.740000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89002,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 34278\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.680000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.680000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89808,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 11398\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.620000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.620000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89743,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 25452\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.560000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.560000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89184,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 54980\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.500000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.500000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89347,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 51344\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.440000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.440000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89977,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 17133\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4144,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.380000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.380000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89919,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 44778\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.320000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.320000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89216,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 58600\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.260000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.260000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89842,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 40381\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4142,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.200000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.200000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89231,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 44331\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4142,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.140000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.140000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89504,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 27334\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.080000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.080000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89071,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 41934\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:37.020000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:37.020000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89528,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 46641\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4143,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.960000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.960000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89411,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 35336\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.900000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.900000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89709,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 22908\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.840000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.840000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89503,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 63922\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.780000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.780000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89491,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 64421\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.720000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.720000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89130,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 26107\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.660000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.660000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89475,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 32326\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4142,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.600000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.600000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89873,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 25308\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.540000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.540000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89310,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 52449\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.480000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.480000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89376,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 32135\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.420000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.420000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89608,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 23174\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.360000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.360000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89910,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 20968\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.300000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.300000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89722,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 49766\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4143,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.240000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.240000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89258,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 40863\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4144,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.180000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.180000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89435,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 17550\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4144,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.120000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.120000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89106,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 57299\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36.060000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36.060000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89826,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 51424\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:36\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:36Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89875,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 64619\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.940000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.940000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89177,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 40815\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.880000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.880000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89448,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 36775\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.820000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.820000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89611,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 61329\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.760000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.760000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89673,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 43832\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.700000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.700000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89575,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 47547\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.640000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.640000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89870,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 54448\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.580000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.580000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89535,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 31483\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.520000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.520000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89558,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 58582\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.460000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.460000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89325,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 51193\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4143,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.400000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.400000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89066,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 38485\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4143,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.340000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.340000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89409,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 31959\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.280000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.280000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89876,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 25071\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.220000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.220000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89447,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 29164\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4144,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.160000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.160000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89453,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 20523\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.100000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.100000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89364,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 24334\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:35.040000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:35.040000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89862,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 45982\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.980000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.980000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89212,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 25280\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.920000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.920000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89852,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 62897\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.860000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.860000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89673,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 28964\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.800000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.800000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89707,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 52459\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.740000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.740000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89924,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 15367\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.680000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.680000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89083,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 34327\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.620000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.620000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89179,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 48804\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4141,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.560000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.560000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89746,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 10995\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4145,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.500000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.500000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89009,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 42659\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.440000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.440000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89223,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 45311\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.380000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.380000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89854,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 30387\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.320000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.320000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89171,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 50044\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4146,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.260000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.260000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89186,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 13220\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.200000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.200000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89449,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 22491\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4154,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.140000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.140000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89343,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 47261\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.080000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.080000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89258,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 50855\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:34.020000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:34.020000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89961,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 45178\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4147,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4155,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:33.960000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:33.960000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89127,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 50092\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4152,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4150,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:33.900000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:33.900000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89973,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 25744\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4151,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4142,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:33.840000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:33.840000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89783,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 22981\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4153,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": null\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:33.780000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:33.780000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89437,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 43072\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        },\r\n        {\r\n            \"timestamp\": \"2026-06-10T19:30:33.720000\",\r\n            \"data\": {\r\n                \"entry\": {\r\n                    \"timestamp\": \"2026-06-10T19:30:33.720000Z\",\r\n                    \"protocol\": \"tcp\",\r\n                    \"time_taken\": 89923,\r\n                    \"ip_version\": 4,\r\n                    \"final\": false,\r\n                    \"end_reason\": 1,\r\n                    \"source\": {\r\n                        \"ip\": \"192.168.59.235\",\r\n                        \"port\": 58486\r\n                    },\r\n                    \"destination\": {\r\n                        \"ip\": \"10.10.40.5\",\r\n                        \"port\": 3389\r\n                    },\r\n                    \"sent\": {\r\n                        \"bytes\": 4149,\r\n                        \"packets\": 27\r\n                    },\r\n                    \"received\": {\r\n                        \"bytes\": 4148,\r\n                        \"packets\": 27\r\n                    }\r\n                },\r\n                \"label\": \"0\",\r\n                \"destinationLabel\": \"0\"\r\n            }\r\n        }\r\n    ]\r\n}"}],"_postman_id":"7559f9fd-bd27-4166-9bdc-a0c64d3e1bb3"}],"id":"ccb2b346-4ee7-47f4-9d84-460515cf472a","description":"<p>This endpoint replaces the legacy /incidents enpoint, which is now deprecated. While legacy services will remain active, we strongly recommend routing all new integrations through this endpoint.</p>\n<p>The <code>/secops/incidents</code> endpoints contain extensive information about incidents and security events of your company. This endpoint supports the new incident detections (Login Brute Force, Unusual Login and Network Bruteforce) and provides extended information about the security events affecting your company.</p>\n<h2 id=\"grouping-logic\">Grouping logic</h2>\n<p>The API groups related security events into compact, manageable incidents to help security operators focus on the most relevant information during investigation, instead of manually sorting through large volumes of raw data.</p>\n<p>The API uses specific identifiers to systematically organize incoming security events. The <strong>incident_id</strong> is always present across all detections, whereas <strong>events_grouping_id</strong> and <strong>episode_id</strong> are conditional elements, present only if they make sense for the specific incident type.</p>\n<ul>\n<li><p>I<strong>ncident grouping (incident_id)</strong>: Determines the top-level incident boundary. All events sharing this ID are aggregated into the same incident. A common baseline for this parameter is the incident type or adversary type. This ID is always present.</p>\n</li>\n<li><p><strong>Events grouping (events_grouping_id)</strong>: Organizes events inside an incident into meaningful collections to make large incidents more manageable for investigation. Common events grouping criteria include:</p>\n<ul>\n<li><p>Endpoint (device ID or hostname)</p>\n</li>\n<li><p>User account</p>\n</li>\n<li><p>Destination (IP, domain)</p>\n</li>\n</ul>\n</li>\n<li><p><strong>Episodes (episode_id)</strong>: Tracks a single, continuous instance of malicious behavior, for example, a concentrated series of authentication attempts against a specific account within a time window (a Login Brute Force incident). Due to its nature, this identifier will only show up when it makes sense for the incident.</p>\n</li>\n</ul>\n<p><em>The grouping logic is strictly defined by the Defender API and it cannot be changed.</em></p>\n<h2 id=\"general-considerations\">General considerations</h2>\n<p>The set of incident status (<code>status</code>) and incident types (<code>incident-types</code>) can vary, therefore, any implementation using endpoints that receive those as query data should consider variations. These are the current values for these parameters:</p>\n<ul>\n<li><p>status: <code>\"open\", \"muted\", \"closed\"</code>.</p>\n</li>\n<li><p>event-types: <code>\"malicious-infrastructure\", \"network-brute-force\", \"login-brute-force\", \"unusual-login\", \"cloud-exfiltration\", \"dns-tunneling\", \"anonymized-login\"</code></p>\n</li>\n</ul>\n<h2 id=\"subscribe-to-incidents-websocket\">Subscribe to Incidents (Websocket)</h2>\n<p>Lumu provides a streaming endpoint to subscribe to real-time updates on incident operations. Establishing a connection to the streaming API means making a very long-lived HTTP request, and parsing the response incrementally.</p>\n<blockquote>\n<p>For details on API stream, consult <a href=\"https://docs.lumu.io/portal/en/kb/articles/core-concepts-api#Subscribe_to_Incidents_Websocket\">our documentation</a>. </p>\n</blockquote>\n<h2 id=\"user-identification-considerations\">User identification considerations</h2>\n<p>To associate a specific user to POST API transactions (mark as read, mute, unmute and close), you should include the header <code>Lumu-User-Id</code> with the user id as a value.</p>\n<blockquote>\n<p>Example: <code>Lumu-User-Id: 2</code>. This parameter is optional and when not included, the action taken will not be associated to any user. For example, if we set in the query header the id 2, that corresponds to the user “Integration user”, the incident log will look like the following image: </p>\n</blockquote>\n<img src=\"https://content.pstmn.io/65b3561a-daea-4e70-9b75-ceb3e07146f2/aW1hZ2UucG5n\" width=\"1600\" height=\"521\" />","_postman_id":"ccb2b346-4ee7-47f4-9d84-460515cf472a"},{"name":"Working with Adversarial Activity","item":[{"name":"Retrieve contacted adversaries","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"e91984b2-3b57-4ab7-9b1c-d3bdc365727c"}}],"id":"32779929-a575-4ceb-83c7-a82ff92a8c02","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-04-01T14:40:14.939Z\", //Search start date. The default value is 7 days before the current date.\n  \"toDate\": \"2021-04-01T14:40:14.939Z\", //Search end date. The default value is the current date.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\n  \"labels\": [1, 2, 3], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n   \"endpoints\": [\"182.168.100.29\", \"DESK-9867\"] //List of ID of contacting endpoints. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries?key=","description":"<p>Get a paginated summary of the adversaries contacted by endpoints within a time-frame.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"dcde18c7-e509-4526-b5dc-8d76a390b54d","name":"Retrieve contacted adversaries","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-02-23T16:15:30.00-05:00[Europe/Paris]\",\n  \"toDate\": \"2021-03-15T16:15:30.234+01:00[Europe/Paris]\",\n  \"adversary-types\": [],\n  \"endpoints\": [],\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"example.xyz\",\n            \"adversary-types\": [\n                \"Spam\"\n            ],\n            \"descriptions\": [\n                \"Spam related\"\n            ],\n            \"contacts\": 1,\n            \"last-contact\": {\n                \"time\": \"2020-06-06T11:05:11.964Z\",\n                \"endpoint\": \"Gateway company 1\",\n                \"label\": 37\n            }\n        }\n    ],\n    \"timestamp\": \"2021-03-15T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"32779929-a575-4ceb-83c7-a82ff92a8c02"},{"name":"Retrieve contacted adversaries","id":"5dcffe96-213c-4ece-8257-a672c6bc52ec","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries?key=","description":"<p>Get a paginated summary of the adversaries contacted by endpoints within a time-frame.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"c40f202b-2dbf-4ea9-b113-55eaca446fe4","name":"Retrieve contacted adversaries","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"example.xyz\",\n            \"adversary-types\": [\n                \"Spam\"\n            ],\n            \"descriptions\": [\n                \"Spam related\"\n            ],\n            \"contacts\": 1,\n            \"last-contact\": {\n                \"time\": \"2020-06-06T11:05:11.964Z\",\n                \"endpoint\": \"Gateway company 1\",\n                \"label\": 37\n            }\n        }\n    ],\n    \"timestamp\": \"2021-03-15T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"5dcffe96-213c-4ece-8257-a672c6bc52ec"},{"name":"Retrieve last contacted adversaries","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"4959e9a8-5274-4025-a2bf-5bf37fa5b036"}}],"id":"23c43121-0829-4d3b-be04-6d977a2b3709","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\n  \"labels\": [1, 2, 3], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n   \"endpoints\": [\"182.168.100.29\", \"DESK-9867\"] //List of ID of contacting endpoints. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last?key=","description":"<p>Get a paginated list of details from adversarial hosts contacted within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"fab2bdbf-09d9-477f-885b-7d31b4baeea4","name":"Retrieve last contacted adversaries","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n  \"hours\": 200,\n  \"adversary-types\": [],\n  \"labels\": [],\n  \"endpoints\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"example.com\",\n            \"adversary-types\": [\n                \"Phishing\"\n            ],\n            \"descriptions\": [\n                \"Phishing domain\"\n            ],\n            \"contacts\": 15,\n            \"last-contact\": {\n                \"time\": \"2021-04-12T15:25:02.228Z\",\n                \"endpoint\": \"Gateway 1\",\n                \"label\": 37\n            }\n        }\n    ],\n    \"timestamp\": \"2021-03-15T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"23c43121-0829-4d3b-be04-6d977a2b3709"},{"name":"Retrieve last contacted adversaries","id":"2c99ff8b-3b84-43aa-85fc-dec2e69961e9","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last?key=","description":"<p>Get a paginated list of details from adversarial hosts contacted within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"713c81b2-0346-4031-b80e-10a406cf7d8f","name":"Retrieve last contacted adversaries","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=1&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"1","description":"The maximum number of items that will be returned (default: 10, max: 10240)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\r\n    \"items\": [\r\n        {\r\n            \"host\": \"example.com\",\r\n            \"adversary-types\": [\r\n                \"Phishing\"\r\n            ],\r\n            \"descriptions\": [\r\n                \"Phishing domain\"\r\n            ],\r\n            \"contacts\": 15,\r\n            \"last-contact\": {\r\n                \"time\": \"2021-04-12T15:25:02.228Z\",\r\n                \"endpoint\": \"Gateway 1\",\r\n                \"label\": 37\r\n            }\r\n        }\r\n    ],\r\n    \"timestamp\": \"2021-03-15T15:15:30.234Z\",\r\n    \"pagination\": {\r\n        \"page\": 1,\r\n        \"items\": 50\r\n    }\r\n}"}],"_postman_id":"2c99ff8b-3b84-43aa-85fc-dec2e69961e9"},{"name":"Retrieve last contacted adversaries list","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"bb35f05c-f017-40e6-9a7f-86e4793f1f1f"}}],"id":"39d87304-d3c6-44cc-89b9-1e3b875ea962","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\n  \"labels\": [1, 2, 3], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n   \"endpoints\": [\"182.168.100.29\", \"DESK-9867\"] //List of ID of contacting endpoints. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last/list?key=","description":"<p>Get a list of adversarial hosts contacted within a number of past hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""}],"variable":[]}},"response":[{"id":"5fbc713a-543f-4542-9e0f-03e214ab3fac","name":"Retrieve last contacted adversaries list","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200,\n  \"adversary-types\": [],\n  \"endpoints\": [],\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=10","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"10","description":"The maximum number of items that will be returned (default: 10, max: 10240)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"126.25.36.2\r\nfraud.ro\r\nphishing.com\r\nfake-site.com\r\n95.26.34.5"}],"_postman_id":"39d87304-d3c6-44cc-89b9-1e3b875ea962"},{"name":"Retrieve last contacted adversaries list","id":"d57cf829-10c6-40a9-b9b2-10571f38acb0","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last/list?key=","description":"<p>Get a list of adversarial hosts contacted within a number of past hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"c662ac67-624e-4a6c-9295-f2659c56c72e","name":"Retrieve last contacted adversaries list","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=10&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"10","description":"The maximum number of items that will be returned (default: 10, max: 10240)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"126.25.36.2\r\nfraud.ro\r\nphishing.com\r\nfake-site.com\r\n95.26.34.5"}],"_postman_id":"d57cf829-10c6-40a9-b9b2-10571f38acb0"},{"name":"Retrieve affected endpoints","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"432d9955-78f9-4ea1-9ec8-af04e2195dc4"}}],"id":"97275839-416b-4446-9f28-72978e24ec42","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-04-01T14:40:14.939Z\", //Search start date. The default value is 7 days before the current date.\n  \"toDate\": \"2021-04-01T14:40:14.939Z\", //Search end date. The default value is the current date.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\n  \"adversaries\": [\"phishing-site.domain\"], //List of adversarial hosts. If not specified, all objects are returned.\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints?key=","description":"<p>Get a paginated summary of the incidents across endpoints within a time-frame.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","affected-endpoints"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"cc3de0e2-4f0a-4875-949e-08ab546bccf1","name":"Retrieve affected endpoints","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-02-23T16:15:30.00-05:00[Europe/Paris]\",\n  \"toDate\": \"2021-03-15T16:15:30.234+01:00[Europe/Paris]\",\n  \"adversary-types\": [],\n  \"adversaries\": [],\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","affected-endpoints"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"label\": 38,\n            \"endpoint\": \"192.168.0.103\",\n            \"last-ip\": \"192.168.0.103\",\n            \"total-activity\": 6,\n            \"adversarial-contacts\": {\n                \"last-time\": \"2020-12-01T17:36:02.228Z\",\n                \"last-host\": \"example.xyz\",\n                \"count\": 6, //This total count does not necessarily have to match the sum of the incident types, as the same incident can be classified in different categories. In case an endpoint was contacted by two or more adversaries, only the most recent adversary will be retrieved.\n                \"distribution\": {\n                    \"C2C\": 5,\n                    \"Mining\": 1\n                }\n            }\n        }\n    ],\n    \"timestamp\": \"2021-03-15T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"97275839-416b-4446-9f28-72978e24ec42"},{"name":"Retrieve affected endpoints","id":"d58b3945-a931-4f4d-ac32-b077fb83937b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints?key=","description":"<p>Get a paginated summary of the endpoints affected by adversarial contact within a  time-frame.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","affected-endpoints"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"50cea17c-fa17-4b52-871c-066fb484c993","name":"Retrieve affected endpoints","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","affected-endpoints"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"label\": 38,\n            \"endpoint\": \"192.168.0.103\",\n            \"last-ip\": \"192.168.0.103\",\n            \"total-activity\": 6,\n            \"adversarial-contacts\": {\n                \"last-time\": \"2020-12-01T17:36:02.228Z\",\n                \"last-host\": \"example.xyz\",\n                \"count\": 6, //This total count does not necessarily have to match the sum of the incident types, as the same incident can be classified in different categories. In case an endpoint was contacted by two or more adversaries, only the most recent adversary will be retrieved.\n                \"distribution\": {\n                    \"C2C\": 5,\n                    \"Mining\": 1\n                }\n            }\n        }\n    ],\n    \"timestamp\": \"2021-03-15T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"d58b3945-a931-4f4d-ac32-b077fb83937b"},{"name":"Retrieve last affected endpoints","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"90ae667c-bb44-44b6-bdd5-80129b8f4a7e"}}],"id":"8fa2f349-dbff-4730-bf72-ff4bcaba1275","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\n  \"labels\": [1, 2, 3], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n  \"adversaries\": [\"phishing-site.domain\"] //List of adversarial hosts. If not specified, all objects are returned.\n}"},"url":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last?key=","description":"<p>Get a paginated list of endpoints and adversarial contacts within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","affected-endpoints","last"],"host":["defender","lumu","io"],"query":[{"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"8cf02f76-ac96-4a7b-8514-60a45e19f489","name":"Retrieve last affected endpoints","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n  \"hours\": 700,\n  \"adversary-types\": [],\n  \"adversaries\": [],\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","affected-endpoints","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"label\": 37,\n            \"endpoint\": \"Gateway 1\",\n            \"last-ip\": \"192.168.3.11\",\n            \"total-activity\": 15,\n            \"adversarial-contacts\": {\n                \"last-time\": \"2021-04-12T15:25:02.228Z\",\n                \"last-host\": \"example.com\",\n                \"count\": 15, //This total count does not necessarily have to match the sum of the incident types, as the same incident can be classified in different categories. In case an endpoint was contacted by two or more adversaries, only the most recent adversary will be retrieved.\n                \"distribution\": {\n                    \"Phishing\": 15\n                }\n            }\n        }\n    ],\n    \"timestamp\": \"2021-04-26T17:55:43.929612Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"8fa2f349-dbff-4730-bf72-ff4bcaba1275"},{"name":"Retrieve last affected endpoints","id":"d6562c30-1b58-42ff-ba79-9d68549a91a1","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last?key=","description":"<p>Get a paginated list of endpoints and adversarial contacts within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","affected-endpoints","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"b0210932-03f8-45d6-b63b-b5e73ce1067e","name":"Retrieve last affected endpoints","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","affected-endpoints","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Limit the number of results per page (default: 50, max: 100)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\r\n    \"items\": [\r\n        {\r\n            \"label\": 37,\r\n            \"endpoint\": \"Gateway 1\",\r\n            \"last-ip\": \"192.168.3.11\",\r\n            \"total-activity\": 15,\r\n            \"adversarial-contacts\": {\r\n                \"last-time\": \"2021-04-12T15:25:02.228Z\",\r\n                \"last-host\": \"example.com\",\r\n                \"count\": 15, //This total count does not necessarily have to match the sum of the incident types, as the same incident can be classified in different categories. In case an endpoint was contacted by two or more adversaries, only the most recent adversary will be retrieved.\r\n                \"distribution\": {\r\n                    \"Phishing\": 15\r\n                }\r\n            }\r\n        }\r\n    ],\r\n    \"timestamp\": \"2021-04-26T17:55:43.929612Z\",\r\n    \"pagination\": {\r\n        \"page\": 1,\r\n        \"items\": 50\r\n    }\r\n}"}],"_postman_id":"d6562c30-1b58-42ff-ba79-9d68549a91a1"},{"name":"Retrieve last affected endpoints list","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"59d88db0-123e-4e6e-b7a0-5e842d469ba8"}}],"id":"84bfe1f3-f850-48bc-b3ee-18ab693f8968","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\n  \"labels\": [1, 2, 3], //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n  \"adversaries\": [\"phishing-site.domain\"], //List of adversarial hosts. If not specified, all objects are returned.\n  \"endpoint-identification-type\": \"ID\" //Type of endpoint identification. Possible values: \"IP\" (IP address), “ID” (case-sensitive endpoint ID) - The default value is \"ID\"\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last/list?key=","description":"<p>Get a list of endpoints with adversarial contacts within a number of hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","affected-endpoints","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""},{"disabled":true,"key":"","value":""}],"variable":[]}},"response":[{"id":"8d24004a-3f65-43e2-9900-48a97f4bef3c","name":"Retrieve last affected endpoints list","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n  \"hours\": 700,\n  \"adversary-types\": [],\n  \"adversaries\": [],\n  \"endpoint-identification-type\": \"\",\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=10","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","affected-endpoints","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"10","description":"The maximum number of items that will be returned (default: 10, max: 10240)"},{"key":"","value":"","disabled":true}]}},"status":"- Success","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"FW_SGM_DC_01\r\ndevice95639625\r\nDevice64146868"}],"_postman_id":"84bfe1f3-f850-48bc-b3ee-18ab693f8968"},{"name":"Retrieve last affected endpoints list","id":"b6f66fd5-10c9-472b-9c2a-81242e9ee896","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last/list?key=","description":"<p>Get a list of endpoints with adversarial contacts within a number of hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","affected-endpoints","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"918d13e8-bc3b-45c8-88ac-bac7b8ccb070","name":"Retrieve last contacted endpoints list","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/affected-endpoints/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=50&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","affected-endpoints","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"\tYour company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"50","description":"The maximum number of items that will be returned (default: 10, max: 10240)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to. The default value is 1."}]}},"status":"- Success","code":200,"_postman_previewlanguage":"plain","header":[],"cookie":[],"responseTime":null,"body":"FW_SGM_DC_01\r\ndevice95639625\r\nDevice64146868"}],"_postman_id":"b6f66fd5-10c9-472b-9c2a-81242e9ee896"},{"name":"Retrieve contacted adversaries related to Spambox","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"4dcd624e-304c-46f0-8ac0-f4416135b6e1"}}],"id":"45f044e9-1d17-4643-960c-62e172878845","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-04-01T14:40:14.939Z\", //Search start date. The default value is 7 days before the current date.\n  \"toDate\": \"2021-04-01T14:40:14.939Z\", //Search end date. The default value is the current date.\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox?key=","description":"<p>Get a paginated summary of the adversaries related to Spambox that were contacted by endpoints.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","spambox"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"34681694-1515-4018-9c9b-b5a62f12ffb2","name":"Retrieve contacted adversaries related to Spambox","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-03-20T16:15:30.00-05:00[Europe/Paris]\",\n  \"toDate\": \"2021-04-20T16:15:30.234+01:00[Europe/Paris]\",\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","spambox"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"malicious.com\",\n            \"adversary-types\": [\n                \"Phishing\"\n            ],\n            \"descriptions\": [\n                \"Phishing domain\"\n            ],\n            \"contacts\": 1,\n            \"last-contact\": {\n                \"time\": \"2021-03-23T15:37:02.228Z\",\n                \"endpoint\": \"Seek & Destroy\",\n                \"label\": 55\n            }\n        }\n    ],\n    \"timestamp\": \"2021-04-20T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"45f044e9-1d17-4643-960c-62e172878845"},{"name":"Retrieve contacted adversaries related to Spambox","id":"1e322dde-bc8b-4fdb-8b82-57c06e9794b7","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox?key=","description":"<p>Get a paginated summary of the adversaries related to Spambox that were contacted by endpoints.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","spambox"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"9d141661-299e-4176-875b-24acff4a57d3","name":"Retrieve contacted adversaries related to Spambox","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","spambox"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"malicious.com\",\n            \"adversary-types\": [\n                \"Phishing\"\n            ],\n            \"descriptions\": [\n                \"Phishing domain\"\n            ],\n            \"contacts\": 1,\n            \"last-contact\": {\n                \"time\": \"2021-03-23T15:37:02.228Z\",\n                \"endpoint\": \"Seek & Destroy\",\n                \"label\": 55\n            }\n        }\n    ],\n    \"timestamp\": \"2021-04-20T15:15:30.234Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"1e322dde-bc8b-4fdb-8b82-57c06e9794b7"},{"name":"Retrieve last contacted adversaries related to Spambox","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"d97b7fad-d0f3-49a5-9acf-2918942d4143"}}],"id":"7e83a2da-12ef-47cb-9475-e6972973e86a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last?key=","description":"<p>Get a detailed list of adversarial hosts contacted, related to Spambox, within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","spambox","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"2f11d6ec-4a21-4e7b-8280-4d61ed53301e","name":"Retrieve last contacted adversaries related to Spambox","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200,\n  \"labels\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","spambox","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"suspicious.com\",\n            \"adversary-types\": [\n                \"C2C\"\n            ],\n            \"descriptions\": [\n                \"Malware family ZeuS\"\n            ],\n            \"contacts\": 3,\n            \"last-contact\": {\n                \"time\": \"2021-04-26T22:37:59.148Z\",\n                \"endpoint\": \"New GW\",\n                \"label\": 144\n            }\n        }\n    ],\n    \"timestamp\": \"2021-04-28T18:05:06.517940Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"7e83a2da-12ef-47cb-9475-e6972973e86a"},{"name":"Retrieve last contacted adversaries related to Spambox","id":"801852c5-238d-4803-99df-f8b62eeb7249","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last?key=","description":"<p>Get a detailed list of adversarial hosts contacted, related to Spambox, within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","spambox","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"93bedc43-0453-49b2-8471-d74a014cc8a2","name":"Retrieve last contacted adversaries related to Spambox","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","spambox","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"host\": \"suspicious.com\",\n            \"adversary-types\": [\n                \"C2C\"\n            ],\n            \"descriptions\": [\n                \"Malware family ZeuS\"\n            ],\n            \"contacts\": 3,\n            \"last-contact\": {\n                \"time\": \"2021-04-26T22:37:59.148Z\",\n                \"endpoint\": \"New GW\",\n                \"label\": 144\n            }\n        }\n    ],\n    \"timestamp\": \"2021-04-28T18:05:06.517940Z\",\n    \"pagination\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"801852c5-238d-4803-99df-f8b62eeb7249"},{"name":"Retrieve last contacted adversaries list related to Spambox","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"abfe5598-c23c-4308-b6d3-b38b8212b13d"}}],"id":"6e711ae1-f47f-4ce2-89a7-cb58f73000b2","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"] //Adversary types. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last/list?key=","description":"<p>Get a list of adversarial hosts contacted within a number of past hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","spambox","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""}],"variable":[]}},"response":[{"id":"0dec024e-c4c4-4f9a-b637-af8024b4fcbf","name":"Retrieve last contacted adversaries list related to Spambox","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200,\n  \"adversary-types\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=10","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","spambox","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"10","description":"The maximum number of items that will be returned (default: 10, max: 10240)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"fraud.ro\r\nphishing.com\r\nfake-site.com"}],"_postman_id":"6e711ae1-f47f-4ce2-89a7-cb58f73000b2"},{"name":"Retrieve last contacted adversaries list related to Spambox","id":"80a4c894-6537-469c-8691-05084d60cd58","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last/list?key=","description":"<p>Get a list of adversarial hosts contacted within a number of past hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","adversarial-activity","contacted-adversaries","spambox","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"cb558070-d8c6-427b-864e-e4d2a824583f","name":"Retrieve last contacted adversaries list related to Spambox","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/adversarial-activity/contacted-adversaries/spambox/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=10&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","adversarial-activity","contacted-adversaries","spambox","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"10","description":"The maximum number of items that will be returned (default: 10, max: 10240)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"fraud.ro\r\nphishing.com\r\nfake-site.com"}],"_postman_id":"80a4c894-6537-469c-8691-05084d60cd58"}],"id":"252ba7d2-77ea-48fa-9e21-4ae6efdd6f72","description":"<p>The <code>/adversarial-activity</code> endpoints contain detailed compromise activity detected on your network, categorized according to threat type. </p>\n<blockquote>\n<p>For the GET endpoint queries, the default values are used for all parameters.</p>\n</blockquote>\n","event":[{"listen":"prerequest","script":{"type":"text/javascript","exec":[""],"id":"263d9918-9a06-4194-b20d-0789c0227692"}},{"listen":"test","script":{"type":"text/javascript","exec":[""],"id":"e9e9b75e-c573-4bfc-92ef-f11bb1476e0a"}}],"_postman_id":"252ba7d2-77ea-48fa-9e21-4ae6efdd6f72"},{"name":"Working with Spambox","item":[{"name":"Retrieve Spambox adversaries","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData "],"type":"text/javascript","id":"01a78875-545b-4037-9b22-fc83ab364433"}}],"id":"5865e701-1727-4a1a-8a67-ef91587a9638","protocolProfileBehavior":{"disabledSystemHeaders":{"content-type":true},"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-04-01T14:40:14.939Z\", //Search start date. The default value is 7 days before the current date.\n  \"toDate\": \"2021-04-01T14:40:14.939Z\", //Search end date. The default value is the current date.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"] //Adversary types. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/spambox/adversaries?key=","description":"<p>Get a paginated summary of the adversaries found on your Spambox.</p>\n","urlObject":{"protocol":"https","path":["api","spambox","adversaries"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"0922bd1c-1d5a-4d1f-838c-bc2bf5f4bdb5","name":"Retrieve Spambox adversaries","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"fromDate\": \"2021-04-01T00:00:00.00-05:00[America/Bogota]\",\n  \"toDate\": \"2021-04-28T14:50:59.99-05:00[America/Bogota]\",\n  \"adversary-types\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/spambox/adversaries?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","spambox","adversaries"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"adversaries\": [\n        {\n            \"indicator\": \"http://mining.com\",\n            \"info\": [\n                {\n                    \"type\": \"Mining\",\n                    \"description\": \"CryptoMining domain\"\n                }\n            ]\n        }\n    ],\n    \"timestamp\": \"2021-04-29T15:29:48.177Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"5865e701-1727-4a1a-8a67-ef91587a9638"},{"name":"Retrieve Spambox adversaries","id":"55fb84cb-0b8b-4c36-b5e7-0faf92f06e8d","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/spambox/adversaries?key=","description":"<p>Get a paginated summary of the adversaries found on your Spambox.</p>\n","urlObject":{"protocol":"https","path":["api","spambox","adversaries"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"a24e3078-f290-4c9b-8408-014627a4dbde","name":"Retrieve Spambox adversaries","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/spambox/adversaries?key=&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","spambox","adversaries"],"query":[{"key":"key","value":"","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"adversaries\": [\n        {\n            \"indicator\": \"http://mining.com\",\n            \"info\": [\n                {\n                    \"type\": \"Mining\",\n                    \"description\": \"CryptoMining domain\"\n                }\n            ]\n        }\n    ],\n    \"timestamp\": \"2021-04-29T15:29:48.177Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"55fb84cb-0b8b-4c36-b5e7-0faf92f06e8d"},{"name":"Retrieve last Spambox adversaries","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData "],"type":"text/javascript","id":"dd73b54c-16f4-42ac-8db7-f381d15ca65e"}}],"id":"18702744-ddb2-4cbb-9bb2-dd6acf1d6ebc","protocolProfileBehavior":{"disabledSystemHeaders":{"content-type":true},"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200, //The number of past hours you want to narrow your results to. The default value is 1.\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"] //Adversary types. If not specified, all objects are returned.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/spambox/adversaries/last?key=","description":"<p>Get a detailed list of adversarial hosts found on your Spambox, within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","spambox","adversaries","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"f6f80826-f1be-463e-88d8-4ea1c389c52f","name":"Retrieve last Spambox adversaries","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200,\n  \"adversary-types\": []\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/spambox/adversaries/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","spambox","adversaries","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"adversaries\": [\n        {\n            \"indicator\": \"http://mining.com\",\n            \"info\": [\n                {\n                    \"type\": \"Mining\",\n                    \"description\": \"CryptoMining domain\"\n                }\n            ]\n        },\n        {\n            \"indicator\": \"http://mining.bg\",\n            \"info\": [\n                {\n                    \"type\": \"Mining\",\n                    \"description\": \"CryptoMining domain\"\n                }\n            ]\n        }\n    ],\n    \"timestamp\": \"2021-04-28T18:33:42.071357Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 2,\n        \"next\": 2\n    }\n}"}],"_postman_id":"18702744-ddb2-4cbb-9bb2-dd6acf1d6ebc"},{"name":"Retrieve last Spambox adversaries","id":"fa8006a2-58a5-4c63-9232-cbf0ae2753d9","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/spambox/adversaries/last?key=","description":"<p>Get a detailed list of adversarial hosts found on your Spambox, within a number of past hours.</p>\n","urlObject":{"protocol":"https","path":["api","spambox","adversaries","last"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"74de8396-7f0a-4eae-bf16-aa0c46f89d70","name":"Retrieve last Spambox adversaries","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/spambox/adversaries/last?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","spambox","adversaries","last"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"adversaries\": [\n        {\n            \"indicator\": \"http://mining.com\",\n            \"info\": [\n                {\n                    \"type\": \"Mining\",\n                    \"description\": \"CryptoMining domain\"\n                }\n            ]\n        },\n        {\n            \"indicator\": \"http://mining.bg\",\n            \"info\": [\n                {\n                    \"type\": \"Mining\",\n                    \"description\": \"CryptoMining domain\"\n                }\n            ]\n        }\n    ],\n    \"timestamp\": \"2021-04-28T18:33:42.071357Z\",\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 2,\n        \"next\": 2\n    }\n}"}],"_postman_id":"fa8006a2-58a5-4c63-9232-cbf0ae2753d9"},{"name":"Retrieve last Spambox adversaries list","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData "],"type":"text/javascript","id":"b7a0bbcb-9bbf-4b1a-bf99-4a04d496c22a"}}],"id":"08e38570-ce99-4b3a-b206-5327b1a44253","protocolProfileBehavior":{"disabledSystemHeaders":{"content-type":true},"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200 //The number of past hours you want to narrow your results to. The default value is 1.\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/spambox/adversaries/last/list?key=","description":"<p>Get a list of adversarial hosts contacted within a number of past hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","spambox","adversaries","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""}],"variable":[]}},"response":[{"id":"36a35e7d-b53d-49f1-9e8b-1d54dd69f237","name":"Retrieve last Spambox adversaries list","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n  \"hours\": 200\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/spambox/adversaries/last/list?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&max-items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","spambox","adversaries","last","list"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"50","description":"The maximum number of items that will be returned (default: 10, max: 10240)"}]}},"code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"http://fraud.ro\r\nhttp://phishing.com\r\nhttp://fake-site.com"}],"_postman_id":"08e38570-ce99-4b3a-b206-5327b1a44253"},{"name":"Retrieve last contacted Spambox adversaries list","id":"ca6fecdb-de0b-4fc1-9feb-8a5e0ad48530","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":""},"url":"https://defender.lumu.io/api/spambox/adversaries/last/list?key=","description":"<p>Get a list of adversarial hosts contacted within a number of past hours in plain text format.</p>\n","urlObject":{"protocol":"https","path":["api","spambox","adversaries","last","list"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>The maximum number of items that will be returned (default: 10, max: 10240)</p>\n","type":"text/plain"},"key":"max-items","value":""},{"disabled":true,"description":{"content":"<p>The number of past hours you want to narrow your results to  (default: 1)</p>\n","type":"text/plain"},"key":"hours","value":""}],"variable":[]}},"response":[{"id":"72c9c4bd-2a70-4c2a-ae33-eb2b94b1c150","name":"Retrieve last contacted Spambox adversaries list","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/spambox/adversaries/last/list?key=&max-items=50&hours=1","protocol":"https","host":["defender","lumu","io"],"path":["api","spambox","adversaries","last","list"],"query":[{"key":"key","value":"","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"max-items","value":"50","description":"The maximum number of items that will be returned (default: 10, max: 10240)"},{"key":"hours","value":"1","description":"The number of past hours you want to narrow your results to  (default: 1)"}]}},"code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"http://fraud.ro\r\nhttp://phishing.com\r\nhttp://fake-site.com"}],"_postman_id":"ca6fecdb-de0b-4fc1-9feb-8a5e0ad48530"}],"id":"38fb93a4-ac2e-4ac5-8dfe-6114333c9d5d","description":"<p>The <code>/spambox</code> detailed compromise activity detected to adversaries found on your spambox, categorized according to threat type, regardless of being contacted or not. For the GET endpoint queries, the default values are used for all parameters. For getting started with Spambox, consult <a href=\"https://docs.lumu.io/portal/en/kb/articles/spambox\">our documentation</a>.</p>\n<blockquote>\n<p>For the GET endpoint queries, the default values are used for all parameters.</p>\n</blockquote>\n","event":[{"listen":"prerequest","script":{"type":"text/javascript","exec":[""],"id":"16c17b1d-4c01-4e7e-afd8-ec7302b88a7a"}},{"listen":"test","script":{"type":"text/javascript","exec":[""],"id":"4cddda21-7351-4e41-8aa6-f59a9530da21"}}],"_postman_id":"38fb93a4-ac2e-4ac5-8dfe-6114333c9d5d"},{"name":"Portal Management","item":[{"name":"Retrieve Audit Logs","id":"d6abf522-019f-47ef-84c3-0d125e2efc8c","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"https://defender.lumu.io/api/administration/audit?key=&from-date=<iso-formatted UTC datetime>&to-date=<iso-formatted UTC datetime>&page=<n>&items=<n>","description":"<p>Get a paginated list of all administrative actions and system events within the company for auditing purposes.</p>\n","urlObject":{"protocol":"https","path":["api","administration","audit"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"description":{"content":"<p>Optional. Start of the time range. Default: now - 7 days, Min: now - 2 years. This value is inclusive.</p>\n","type":"text/plain"},"key":"from-date","value":"<iso-formatted UTC datetime>"},{"description":{"content":"<p>Optional. End of the time range. Default/max: now - 5 minutes. Must be greater than from-date and within a 180-day window. This value is exclusive.</p>\n","type":"text/plain"},"key":"to-date","value":"<iso-formatted UTC datetime>"},{"description":{"content":"<p>Optional. Page number of the result set (default: 1).</p>\n","type":"text/plain"},"key":"page","value":"<n>"},{"description":{"content":"<p>Optional. Limit the number of results per page (default: 100, max: 500).</p>\n","type":"text/plain"},"key":"items","value":"<n>"}],"variable":[]}},"response":[{"id":"9a26e207-d464-45b7-8b90-18ebe8e0867e","name":"Retrieve Audit Logs","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/administration/audit?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&from-date=2026-01-01T12:00:00Z&to-date=2026-01-30T12:26:00Z&page=1&items=1","protocol":"https","host":["defender","lumu","io"],"path":["api","administration","audit"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"from-date","value":"2026-01-01T12:00:00Z","description":"Optional. Start of the time range. Default: now - 7 days. Max: now - 180 days. This value is inclusive."},{"key":"to-date","value":"2026-01-30T12:26:00Z","description":"Optional. End of the time range. Default/max: now - 5 minutes. Must be greater than from-date and within a 180-day window. This value is exclusive."},{"key":"page","value":"1","description":"Optional. Page number of the result set (default: 1)."},{"key":"items","value":"1","description":"Optional. Limit the number of results per page (default: 100, max: 500)."}]}},"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":"{\r\n    \"timestamp\": \"2026-01-30T17:51:50Z\",\r\n    \"paginationInfo\": {\r\n        \"total\": 8,\r\n        \"page\": 1,\r\n        \"items\": 1,\r\n        \"next\": 2\r\n    },\r\n    \"items\": [\r\n        {\r\n            \"timestamp\": \"2026-01-08T20:28:07Z\",\r\n            \"action\": \"User Logged In\",\r\n            \"performer\": {\r\n                \"email\": \"smunoz@lumu.io\",\r\n                \"name\": \"Super Admin\",\r\n                \"role\": \"admin\",\r\n                \"id\": 1\r\n            },\r\n            \"details\": {\r\n                \"name\": \"Super Admin\",\r\n                \"role\": \"admin\",\r\n                \"email\": \"smunoz@lumu.io\",\r\n                \"company_id\": \"17749bd8-9310-4c89-b7bc-b5d1babf282a\",\r\n                \"previous_login\": \"2025-12-31T15:18:22.467Z\"\r\n            }\r\n        }\r\n    ]\r\n}"}],"_postman_id":"d6abf522-019f-47ef-84c3-0d125e2efc8c"}],"id":"3ca8398a-4db8-4fde-bf63-8151b705f167","description":"<p>The Lumu Portal records the activities and configurations made on the Portal, allowing administrators to keep track of the changes and ensure compliance with your company’s policies.</p>\n","_postman_id":"3ca8398a-4db8-4fde-bf63-8151b705f167"},{"name":"Working with Incidents - Legacy [Deprecated]","item":[{"name":"Retrieve incidents","event":[{"listen":"prerequest","script":{"id":"17c10f00-8199-4383-b3e4-717ec64c11ee","exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript"}}],"id":"5b2921ea-da4b-4822-b3e4-e963003a3606","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"fromDate\": \"2021-04-01T14:40:14.939Z\", //Search start date. The default value is 7 days before the current date.\r\n  \"toDate\": \"2021-04-01T14:40:14.939Z\", //Search end date. The default value is the current date.\r\n  \"status\": [\"open\", \"muted\", \"closed\"], //Incident status. If not specified, all objects are returned.\r\n  \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n  \"labels\": [1, 2, 3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/all?key=","description":"<p>Get a paginated list of incidents for the company. The items are listed by the most recent.</p>\n","urlObject":{"protocol":"https","path":["api","incidents","all"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"53dc7e48-6fd8-43d7-9e87-f03825137b30","name":"Retrieve incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"fromDate\": \"2021-03-23T16:15:30.00-05:00[Europe/Paris]\",\r\n  \"toDate\": \"2021-04-15T16:15:30.234+01:00[Europe/Paris]\",\r\n  \"status\": [\"open\"],\r\n  \"adversary-types\": [\"C2C\"],\r\n  \"labels\": [0, 815]\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/all?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","all"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"2a4862b0-97af-11eb-aa46-b5c18d44caca\", \n            \"timestamp\": \"2021-04-07T14:40:14.939Z\", \n            \"statusTimestamp\": \"2021-04-07T14:40:14.939Z\", \n            \"status\": \"open\", \n            \"contacts\": 1, \n            \"adversaries\": [\n                \"example1.com\"\n            ], \n            \"adversaryTypes\": [\n                \"C2C\"\n            ], \n            \"labelDistribution\": {\n                \"17\": 1\n            }, \n            \"totalEndpoints\": 1, \n            \"lastContact\": \"2021-04-04T14:37:02.228Z\", \n            \"unread\": true\n        }\n    ],\n    \"paginationInfo\": {\n        \"page\": 1, \n        \"items\": 50,\n    }\n }"}],"_postman_id":"5b2921ea-da4b-4822-b3e4-e963003a3606"},{"name":"Retrieve a specific incident details","id":"ef1f1960-53fd-4430-92e3-6aebef51a95a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{incident-uuid}/details?key=","description":"<p>Get details of a specific Incident.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div>","urlObject":{"protocol":"https","path":["api","incidents","{incident-uuid}","details"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"8868ed36-2f85-4d3f-a113-ffa998e47332","name":"Retrieve a specific incident details","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/incidents/4d90fc30-a6de-11eb-8239-a117f0a9f6f5/details?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","4d90fc30-a6de-11eb-8239-a117f0a9f6f5","details"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"id\": \"4d90fc30-a6de-11eb-8239-a117f0a9f6f5\",\n    \"timestamp\": \"2021-04-26T22:25:27.923Z\",\n    \"isUnread\": false,\n    \"contacts\": 114,\n    \"adversaryId\": \"Malware family qakbot\",\n    \"adversaries\": [\n        \"malicious.net\",\n        \"suspicious.biz\",\n        \"example.com\"\n    ],\n    \"adversaryTypes\": [\n        \"DGA\"\n    ],\n    \"description\": \"Malware family qakbot\",\n    \"labelDistribution\": {\n        \"144\": 114\n    },\n    \"totalEndpoints\": 1,\n    \"lastContact\": \"2021-04-26T22:39:16.131Z\",\n    \"actions\": [\n        {\n            \"datetime\": \"2021-04-27T15:13:56.939Z\",\n            \"userId\": 0,\n            \"action\": \"close\",\n            \"comment\": \"Incident close from external API\"\n        },\n        {\n            \"datetime\": \"2021-04-26T22:42:32.532Z\",\n            \"userId\": 1,\n            \"action\": \"read\",\n            \"comment\": \"\"\n        }\n    ],\n    \"status\": \"closed\",\n    \"statusTimestamp\": \"2021-04-27T15:13:56.939Z\",\n    \"firstContactDetails\": {\n        \"uuid\": \"09e02310-de1b-11ec-b481-eb776e1a9b92\",\n        \"datetime\": \"2022-05-28T00:13:45.281Z\",\n        \"host\": \"108clip.com\",\n        \"types\": [\n            \"Phishing\"\n        ],\n        \"details\": [\n            \"Malware family Pony\"\n        ],\n        \"endpointIp\": \"255.111.42.143\",\n        \"endpointName\": \"USER.USER-PC\",\n        \"label\": 346,\n        \"sourceType\": \"virtual_appliance\",\n        \"sourceId\": \"55719C03-b31t-4d5e-8e1e-9f2b7d651c45\",\n        \"sourceData\": {\n            \"DNSPacketExtraInfo\": {\n                \"question\": {\n                    \"type\": \"A\",\n                    \"name\": \"108clip.com\",\n                    \"class\": \"IN\"\n                },\n                \"responseCode\": \"NOERROR\",\n                \"flags\": {\n                    \"authoritative\": false,\n                    \"recursion_available\": true,\n                    \"truncated_response\": false,\n                    \"checking_disabled\": false,\n                    \"recursion_desired\": true,\n                    \"authentic_data\": false\n                },\n                \"answers\": [\n                    {\n                        \"name\": \"108clip.com\",\n                        \"type\": \"A\",\n                        \"class\": \"IN\",\n                        \"ttl\": 2549,\n                        \"data\": \"51.225.156.155\"\n                    }\n                ],\n                \"opCode\": \"QUERY\"\n            }\n        },\n        \"isPlayback\": false\n    },\n    \"lastContactDetails\": {\n        \"uuid\": \"a53c04a0-de1b-11ec-8d45-eb776e3f5271\",\n        \"datetime\": \"2022-05-28T00:18:05.930Z\",\n        \"host\": \"108clip.com\",\n        \"types\": [\n            \"Phishing\"\n        ],\n        \"details\": [\n            \"Malware family Pony\"\n        ],\n        \"endpointIp\": \"119.129.144.45\",\n        \"endpointName\": \"USER.USER-PC\",\n        \"label\": 346,\n        \"sourceType\": \"virtual_appliance\",\n        \"sourceId\": \"55719C03-b31t-4d5e-8e1e-9f2b7d651c45\",\n        \"sourceData\": {\n            \"DNSPacketExtraInfo\": {\n                \"question\": {\n                    \"type\": \"A\",\n                    \"name\": \"108clip.com\",\n                    \"class\": \"IN\"\n                },\n                \"responseCode\": \"NOERROR\",\n                \"flags\": {\n                    \"authoritative\": false,\n                    \"recursion_available\": true,\n                    \"truncated_response\": false,\n                    \"checking_disabled\": false,\n                    \"recursion_desired\": true,\n                    \"authentic_data\": false\n                },\n                \"answers\": [\n                    {\n                        \"name\": \"108clip.com\",\n                        \"type\": \"A\",\n                        \"class\": \"IN\",\n                        \"ttl\": 2549,\n                        \"data\": \"250.4.148.28\"\n                    }\n                ],\n                \"opCode\": \"QUERY\"\n            }\n        },\n        \"isPlayback\": false\n    }\n}"}],"_postman_id":"ef1f1960-53fd-4430-92e3-6aebef51a95a"},{"name":"Retrieve a specific incident context","id":"3578df0f-a7ff-49b9-ba2c-374f98d8007b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{incident-uuid}/context?key={company-key}&hash={hash-type}","description":"<p>Get details of a specific Incident.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div>","urlObject":{"protocol":"https","path":["api","incidents","{incident-uuid}","context"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":"{company-key}"},{"key":"hash","value":"{hash-type}"}],"variable":[]}},"response":[{"id":"95174392-606e-4ecd-8b3b-edfe3c56ab3a","name":"Retrieve a specific incident context","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/incidents/4d90fc30-a6de-11eb-8239-a117f0a9f6f5/context?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&hash=SHA1","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","4d90fc30-a6de-11eb-8239-a117f0a9f6f5","context"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"hash","value":"SHA1"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"adversary_id\": \"domain-example.net\",\n    \"currently_active\": false, \n    \"deactivated_on\": \"2021-09-04T14:32:23.325Z\",    \n    \"mitre\": {\n      \"details\": [\n        {\n            \"tactic\": \"discovery\",\n            \"techniques\": [\"T1083\", \"T1069.002\", \"T1082\"]\n        }, \n        {\n            \"tactic\": \"initial-access\",\n            \"techniques\": [\"T1189\", \"T1566.001\"]\n        }\n      ],\n      \"matrix\": \"enterprise\",\n      \"version\": \"9.0\"      \n    }, \n    \"related_files\": [\n        \"c7267981748605fd27af739ef32d4688dc1dc160\",\n        \"0668db6c06fe1bf8726487cd346f5dea7a20caf7\",\n        \"4adb5eeb53dae0a580f4ec55a9add1a0696f4e93\",\n        \"c38e3a08046938c0d9017c5d09e460b3d0046563\",\n        \"8ae2e0bbb7174320379d720ca35421d3d96843ff\",\n        \"c5515101ec506e963cc6fd4d2fc488300c4b4053\",\n        \"79d78a1de39c09977d7d2b8bb09d78cfd7621804\",\n        \"981ea159a18d468aded419ddace8403efa53e1a6\",\n        \"c08b0daa01a2a3f5ce42d1f4838ca5ecd0e6b64c\",\n        \"c7ea27eb33916cc63243354bd6bee988f2a16d09\",\n        \"46b37255f22cb75c5031153d1639794c4ea53da4\",\n        \"e89a0a90d44b186c129a9dfac85b2a6cb5686c94\",\n        \"253738ee1fdff2131cc9917088d277dae983859a\",\n        \"b61ac17c70aed3ad70d768d92dd39771e3eb9c59\"\n    ],\n    \"threat_details\": [\n        \"Sodinokibi Ransomware related\"\n    ], \n    \"threat_triggers\": [\"http://domain-example.net/\"],\n    \"playbooks\": [\"https://docs.lumu.io/portal/en/kb/articles/malware-incident-response-playbook\"],\n    \"external_resources\": [\n        \"https://www.virustotal.com/gui/domain/domain-example.net/relations\",\n        \"https://urlhaus.abuse.ch/host/domain-example.net/\",\n        \"https://www.appgate.com/blog/electric-company-ransomware-attack-calls-for-14-million-in-ransom\", \n        \"https://blog.talosintelligence.com/2019/04/sodinokibi-ransomware-exploits-weblogic.html\"\n    ],\n    \"timestamp\": \"2021-11-03T18:30:01.782Z\"\n}\n"}],"_postman_id":"3578df0f-a7ff-49b9-ba2c-374f98d8007b"},{"name":"Comment a specific incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"8e6ed4f5-bbe4-4fee-b731-4101a847d9ea"}}],"id":"1b38c213-b829-48c3-a403-943b233b41dc","protocolProfileBehavior":{"disabledSystemHeaders":{},"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"comment\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{incident-uuid}/comment?key={company-key}","description":"<p>Get a paginated list of open incidents for the company. The items are listed by the most recent.</p>\n","urlObject":{"protocol":"https","path":["api","incidents","{incident-uuid}","comment"],"host":["defender","lumu","io"],"query":[{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""},{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":"{company-key}"}],"variable":[]}},"response":[{"id":"285d56af-2311-4247-b099-113c7c2d5350","name":"Comment a specific incident","originalRequest":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n    \"comment\": \"critical incident\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/eec41860-e69f-11ec-b7a5-9ded001a2220/comment?key=MbEoJwFYiPmMUDi8k1CaIIo3EDeFwWox","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","eec41860-e69f-11ec-b7a5-9ded001a2220","comment"],"query":[{"key":"key","value":"MbEoJwFYiPmMUDi8k1CaIIo3EDeFwWox"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":""}],"_postman_id":"1b38c213-b829-48c3-a403-943b233b41dc"},{"name":"Retrieve open incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"64b314a0-1b2e-4b92-b362-f5d23ffb2f30"}}],"id":"f0caeae1-0fed-450b-b5a3-6c7dd9ffc03c","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n   \"labels\": [1,2,3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/open?key=","description":"<p>Get a paginated list of open incidents for the company. The items are listed by the most recent.</p>\n","urlObject":{"protocol":"https","path":["api","incidents","open"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"d3dc7d45-d553-4173-8259-933384ad572d","name":"Retrieve open incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"adversary-types\": [],\r\n   \"labels\": []\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/open?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","open"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"d53f69d0-9948-11eb-9b30-bd475fa20b50\",\n            \"timestamp\": \"2021-04-09T15:32:45.933Z\",\n            \"statusTimestamp\": \"2021-04-13T15:15:57.591Z\",\n            \"status\": \"open\",\n            \"contacts\": 4,\n            \"adversaries\": [\n                \"malicious.com\",\n                \"suspicious.com\"\n            ],\n            \"adversaryId\": \"Malware family Banjori\",\n            \"adversaryTypes\": [\n                \"DGA\"\n            ],\n            \"description\": \"Malware family Banjori\",\n            \"labelDistribution\": {\n                \"37\": 2,\n                \"39\": 1,\n                \"179\": 1\n            },\n            \"totalEndpoints\": 3,\n            \"lastContact\": \"2021-04-08T15:25:02.228Z\",\n            \"unread\": false\n        }\n    ],\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"f0caeae1-0fed-450b-b5a3-6c7dd9ffc03c"},{"name":"Retrieve muted incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"ba8f4e6e-608f-4231-af52-185486304382"}}],"id":"f508a0ad-971a-4a20-ab07-dad33e9934ad","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n   \"labels\": [1,2,3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/muted?key=","description":"<p>Get a paginated list of muted incidents for the company. The items are listed by the most recent.</p>\n","urlObject":{"protocol":"https","path":["api","incidents","muted"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"d84a03de-4241-4cee-b074-138ef70cb6b8","name":"Retrieve muted incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"adversary-types\": [],\r\n   \"labels\": []\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/muted?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","muted"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\r\n    \"items\": [\r\n        {\r\n            \"id\": \"d53f69d0-9948-11eb-9b30-bd475fa2caca\",\r\n            \"timestamp\": \"2021-04-09T15:32:45.933Z\",\r\n            \"statusTimestamp\": \"2021-04-20T17:55:15.730Z\",\r\n            \"status\": \"muted\",\r\n            \"contacts\": 4,\r\n            \"adversaries\": [\r\n                \"malicious.top\",\r\n            ],\r\n            \"adversaryId\": \"Malware family Banjori\",\r\n            \"adversaryTypes\": [\r\n                \"DGA\"\r\n            ],\r\n            \"description\": \"Malware family Banjori\",\r\n            \"labelDistribution\": {\r\n                \"179\": 1,\r\n                \"39\": 1\r\n            },\r\n            \"totalEndpoints\": 3,\r\n            \"lastContact\": \"2021-04-08T15:25:02.228Z\",\r\n            \"unread\": false\r\n        }\r\n    ],\r\n    \"paginationInfo\": {\r\n        \"page\": 1,\r\n        \"items\": 50\r\n    }\r\n}"}],"_postman_id":"f508a0ad-971a-4a20-ab07-dad33e9934ad"},{"name":"Retrieve closed incidents","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"200e97ec-7b22-44df-a176-d72652152895"}}],"id":"a7935f54-46ea-428d-9463-41745573a166","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"adversary-types\": [\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"], //Adversary types. If not specified, all objects are returned.\r\n   \"labels\": [1,2,3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/closed?key=","description":"<p>Get a paginated list of closed incidents for the company. The items are listed by the most recent.</p>\n","urlObject":{"protocol":"https","path":["api","incidents","closed"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"04c19b58-6d58-429f-8248-055224867c9b","name":"Retrieve closed incidents","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"adversary-types\": [],\r\n   \"labels\": []\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/closed?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","closed"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Success","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"id\": \"af16bc80-9c7d-11eb-93a2-5b93f424cf4d\",\n            \"timestamp\": \"2021-04-13T17:28:38.728Z\",\n            \"statusTimestamp\": \"2021-04-15T14:56:27.067Z\",\n            \"status\": \"closed\",\n            \"contacts\": 1,\n            \"adversaries\": [\n                \"example.com\"\n            ],\n            \"adversaryId\": \"example.com\",\n            \"adversaryTypes\": [\n                \"Phishing\"\n            ],\n            \"description\": \"Phishing domain\",\n            \"labelDistribution\": {\n                \"37\": 1\n            },\n            \"totalEndpoints\": 1,\n            \"lastContact\": \"2021-04-12T15:25:02.228Z\",\n            \"unread\": false\n        }\n    ],\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 1,\n        \"next\": 2\n    }\n}"}],"_postman_id":"a7935f54-46ea-428d-9463-41745573a166"},{"name":"Retrieve endpoints by incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"39b5666c-9667-4f3e-ba78-b60c62e0d7fe"}}],"id":"ced829ac-25df-40f2-b0c2-44ec47b346d6","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"endpoints\": [\"182.168.100.29\", \"DESK-9867\"], //List of ID of contacting endpoints. If not specified, all objects are returned.\r\n   \"labels\": [1,2,3] //Label IDs. You may previously use the label API call to retrieve label IDs and names. If not specified, all objects are returned.\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{{ncident-uuid}/endpoints-contacts?key=","description":"<p>Get a paginated summary of the endpoints affected by a specified incident.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div>","urlObject":{"protocol":"https","path":["api","incidents","{{ncident-uuid}","endpoints-contacts"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""},{"disabled":true,"description":{"content":"<p>Page number of the result set (default: 1)</p>\n","type":"text/plain"},"key":"page","value":""},{"disabled":true,"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":""}],"variable":[]}},"response":[{"id":"40af65ab-8e4a-485f-9af2-2d318551883a","name":"Retrieve endpoints by incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"endpoints\": [],\r\n   \"labels\": []\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/af16bc80-9c7d-11eb-93a2-5b93f424cf4d/endpoints-contacts?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3&page=1&items=50","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","af16bc80-9c7d-11eb-93a2-5b93f424cf4d","endpoints-contacts"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"page","value":"1","description":"Page number of the result set (default: 1)"},{"key":"items","value":"50","description":"Limit the number of results per page (default: 50, max: 100)"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n    \"items\": [\n        {\n            \"label\": 179,\n            \"endpoint\": \"banrepnt\",\n            \"total\": 1,\n            \"first\": \"2021-04-08T15:25:02.228Z\",\n            \"last\": \"2021-04-08T15:25:02.228Z\"\n        },\n        {\n            \"label\": 37,\n            \"endpoint\": \"192.23.65.61\",\n            \"total\": 2,\n            \"first\": \"2021-04-08T15:25:02.228Z\",\n            \"last\": \"2021-04-08T15:25:02.228Z\"\n        },\n        {\n            \"label\": 39,\n            \"endpoint\": \"jbrow\",\n            \"total\": 1,\n            \"first\": \"2021-04-08T15:25:02.228Z\",\n            \"last\": \"2021-04-08T15:25:02.228Z\"\n        }\n    ],\n    \"paginationInfo\": {\n        \"page\": 1,\n        \"items\": 50\n    }\n}"}],"_postman_id":"ced829ac-25df-40f2-b0c2-44ec47b346d6"},{"name":"Mark incident as read","id":"f3bde710-75fa-431a-b77e-56a62049bee9","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{incident-uuid}/mark-as-read?key=","description":"<p>This transaction does not require any additional body parameters.</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div><blockquote>\n<p>To associate a specific user to this transaction, include the header <code>Lumu-User-Id</code> with the user id as a value. <a href=\"#user-identification-considerations\">Read more</a>.</p>\n</blockquote>\n","urlObject":{"protocol":"https","path":["api","incidents","{incident-uuid}","mark-as-read"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"da61eaee-4905-4f24-9e7b-976d549cda5c","name":"Mark incident as read","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/d3f41000-af3f-11eb-84b5-75a575634188/mark-as-read?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","d3f41000-af3f-11eb-84b5-75a575634188","mark-as-read"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"plain","header":[{"key":"Content-Length","value":"0"},{"key":"Connection","value":"keep-alive"},{"key":"RateLimit-Limit","value":"50"},{"key":"RateLimit-Remaining","value":"49"},{"key":"X-RateLimit-Remaining-Minute","value":"49"},{"key":"X-RateLimit-Limit-Minute","value":"50"},{"key":"X-RateLimit-Remaining-Day","value":"9944"},{"key":"X-RateLimit-Limit-Day","value":"10000"},{"key":"RateLimit-Reset","value":"59"},{"key":"Date","value":"Tue, 20 Apr 2021 18:52:01 GMT"},{"key":"Server","value":"akka-http/10.1.11"},{"key":"X-Kong-Upstream-Latency","value":"6"},{"key":"X-Kong-Proxy-Latency","value":"1"},{"key":"Via","value":"kong/2.4.0"}],"cookie":[],"responseTime":null,"body":""}],"_postman_id":"f3bde710-75fa-431a-b77e-56a62049bee9"},{"name":"Mute incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"40fc0207-70e6-4ed1-b378-947bbb9b018e"}}],"id":"921f93c0-05af-44a3-bb3a-9726d8362820","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"comment\": \"\" //REQUIRED comment to be added in the Incident log. Example:\"Internal penetration tests\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{incident-uuid}/mute?key=","description":"<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div><blockquote>\n<p>To associate a specific user to this transaction, include the header <code>Lumu-User-Id</code> with the user id as a value. <a href=\"#user-identification-considerations\">Read more</a>.</p>\n</blockquote>\n","urlObject":{"protocol":"https","path":["api","incidents","{incident-uuid}","mute"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"ec2dea7d-f7ef-487b-bd89-4bccc7dfeabc","name":"Mute incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"comment\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/d3f41000-af3f-11eb-84b5-75a575634188/mute?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","d3f41000-af3f-11eb-84b5-75a575634188","mute"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":""}],"_postman_id":"921f93c0-05af-44a3-bb3a-9726d8362820"},{"name":"Unmute incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"cac3ec66-fd89-4473-829c-fc4bd8361c16"}}],"id":"3fbe4518-b639-4813-990c-378c7b276435","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"comment\": \"\" //REQUIRED comment to be added in the Incident log. Example:\"The issue is now relevant\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{{ncident-uuid}/unmute?key=","description":"<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div><blockquote>\n<p>To associate a specific user to this transaction, include the header <code>Lumu-User-Id</code> with the user id as a value. <a href=\"#user-identification-considerations\">Read more</a>.</p>\n</blockquote>\n","urlObject":{"protocol":"https","path":["api","incidents","{{ncident-uuid}","unmute"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"e674b00f-0f7d-4323-a8c2-1bff058a43fe","name":"Unmute incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"comment\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/d3f41000-af3f-11eb-84b5-75a575634188/unmute?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","d3f41000-af3f-11eb-84b5-75a575634188","unmute"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":""}],"_postman_id":"3fbe4518-b639-4813-990c-378c7b276435"},{"name":"Consult incidents updates through REST","id":"92577a18-2e32-4141-bd65-b368d484b0bc","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/open-incidents/updates?offset=0&items=50&time=5&key={company-key}\n","description":"<p>Lumu provides an endpoint to consult real-time updates on incident operations through REST when Websocket is not available.</p>\n<p>Note: the date format in the updates received from the endpoint is in the UTC time zone and follows standards published in RFC 3339 and ISO 8601</p>\n<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{company-key}</code></th>\n<th>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div>","urlObject":{"protocol":"https","path":["api","incidents","open-incidents","updates"],"host":["defender","lumu","io"],"query":[{"key":"offset","value":"0"},{"description":{"content":"<p>Limit the number of results per page (default: 50, max: 100)</p>\n","type":"text/plain"},"key":"items","value":"50"},{"description":{"content":"<p>Time in seconds for request delay. Only required under specific conditions. (max: 20)</p>\n","type":"text/plain"},"key":"time","value":"5"},{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":"{company-key}\n"}],"variable":[]}},"response":[{"id":"a25a8429-3a72-4e09-9749-020683ca5b9d","name":"Consult incidents updates through REST","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://defender.lumu.io/api/incidents/open-incidents/updates?key=MbEoJwFYiPmMUDi8k1CaIIo3EDeFwWox&offset=733335","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","open-incidents","updates"],"query":[{"key":"key","value":"MbEoJwFYiPmMUDi8k1CaIIo3EDeFwWox","description":"Your company's unique API key available at the [Lumu Portal](#access-and-authentication)"},{"key":"offset","value":"733335"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\n\t\"updates\": [\n    \t{\n        \t\"IncidentClosed\": {\n            \t\"companyId\": \"10228d9c-ff18-4251-ac19-514185e00f17\",\n            \t\"incident\": {\n                \t\"id\": \"47fa7230-225a-11ed-9be2-739ab0337004\",\n                \t\"timestamp\": \"2022-08-22T20:37:46.835Z\",\n                \t\"statusTimestamp\": \"2022-08-23T19:58:50.887Z\",\n                \t\"status\": \"closed\",\n                \t\"contacts\": 1,\n                \t\"adversaries\": [\n                    \t\"chinagrouptraders.xyz\"\n                \t],\n                \t\"adversaryId\": \"chinagrouptraders.xyz\",\n                \t\"adversaryTypes\": [\n                    \t\"C2C\",\n                    \t\"Malware\"\n                \t],\n                \t\"description\": \"Malware family Keybase\",\n                \t\"labelDistribution\": {\n                    \t\"0\": 1\n                \t},\n                \t\"totalEndpoints\": 1,\n                \t\"lastContact\": \"2022-08-22T20:32:02.228Z\",\n                \t\"unread\": false,\n                \t\"hasPlaybackContacts\": false,\n                \t\"firstContact\": \"2022-08-22T20:32:02.228Z\"\n            \t},\n            \t\"comment\": \"test\"\n        \t}\n    \t},\n    \t{\n        \t\"OpenIncidentsStatusUpdated\": {\n            \t\"companyId\": \"10228d9c-ff18-4251-ac19-514185e00f17\",\n            \t\"openIncidentsStatus\": {\n                \t\"openIncidents\": 575,\n                \t\"totalContacts\": 12617,\n                \t\"typeDistribution\": {\n                    \t\"DGA\": 11,\n                    \t\"C2C\": 117,\n                    \t\"Network Scan\": 10,\n                    \t\"Mining\": 139,\n                    \t\"Phishing\": 53,\n                    \t\"Spam\": 81,\n                    \t\"Malware\": 281\n                \t},\n                \t\"labelDistribution\": {\n                \t},\n                \t\"totalEndpoints\": 115\n            \t}\n        \t}\n    \t},\n    \t{\n        \t\"IncidentUnmuted\": {\n            \t\"companyId\": \"10228d9c-ff18-4251-ac19-514185e00f17\",\n            \t\"incident\": {\n                \t\"id\": \"43511460-1fa7-11ed-bd66-d162eff789a8\",\n                \t\"timestamp\": \"2022-08-19T10:11:16.774Z\",\n                \t\"statusTimestamp\": \"2022-08-23T19:59:08.775Z\",\n                \t\"status\": \"open\",\n                \t\"contacts\": 1,\n                \t\"adversaries\": [\n                    \t\"ethereum-pocket.com\"\n                \t],\n                \t\"adversaryId\": \"ethereum-pocket.com\",\n                \t\"adversaryTypes\": [\n                    \t\"Mining\"\n                \t],\n                \t\"description\": \"CryptoMining domain\",\n                \t\"labelDistribution\": {\n                    \t\"2148\": 1\n                \t},\n                \t\"totalEndpoints\": 1,\n                \t\"lastContact\": \"2022-08-16T20:23:23Z\",\n                \t\"unread\": false,\n                \t\"hasPlaybackContacts\": false,\n                \t\"firstContact\": \"2022-08-16T20:23:23Z\"\n            \t},\n            \t\"comment\": \"relevant\"\n        \t}\n    \t},\n    \t{\n        \t\"OpenIncidentsStatusUpdated\": {\n            \t\"companyId\": \"10228d9c-ff18-4251-ac19-514185e00f17\",\n            \t\"openIncidentsStatus\": {\n                \t\"openIncidents\": 576,\n                \t\"totalContacts\": 12618,\n                \t\"typeDistribution\": {\n                    \t\"DGA\": 11,\n                    \t\"C2C\": 117,\n                    \t\"Network Scan\": 10,\n                    \t\"Mining\": 140,\n                    \t\"Phishing\": 53,\n                    \t\"Spam\": 81,\n                    \t\"Malware\": 281\n                \t},\n                \t\"labelDistribution\": {\n                \t},\n                \t\"totalEndpoints\": 115\n            \t}\n        \t}\n    \t},\n    \t{\n        \t\"NewIncidentCreated\": {\n            \t\"companyId\": \"10228d9c-ff18-4251-ac19-514185e00f17\",\n            \t\"incident\": {\n                \t\"id\": \"923bb150-231e-11ed-95fb-d3cd7c5e7afb\",\n                \t\"timestamp\": \"2022-08-23T20:02:52.773Z\",\n                \t\"statusTimestamp\": \"2022-08-23T20:02:52.773Z\",\n                \t\"status\": \"open\",\n                \t\"contacts\": 1,\n                \t\"adversaries\": [\n                    \t\"chinagrouptraders.xyz\"\n                \t],\n                \t\"adversaryId\": \"chinagrouptraders.xyz\",\n                \t\"adversaryTypes\": [\n                    \t\"C2C\",\n                    \t\"Malware\"\n                \t],\n                \t\"description\": \"Malware family Keybase\",\n                \t\"labelDistribution\": {\n                    \t\"218\": 1\n                \t},\n                \t\"totalEndpoints\": 1,\n                \t\"lastContact\": \"2022-08-20T20:37:02.228Z\",\n                \t\"unread\": true,\n                \t\"hasPlaybackContacts\": false,\n                \t\"firstContact\": \"2022-08-20T20:37:02.228Z\"\n            \t},\n            \t\"openIncidentsStats\": {\n                \t\"openIncidents\": 577,\n                \t\"totalContacts\": 12619,\n                \t\"typeDistribution\": {\n                    \t\"DGA\": 11,\n                    \t\"C2C\": 118,\n                    \t\"Network Scan\": 10,\n                    \t\"Mining\": 140,\n                    \t\"Phishing\": 53,\n                    \t\"Spam\": 81,\n                    \t\"Malware\": 282\n                \t},\n                \t\"labelDistribution\": {\n                \t},\n                \t\"totalEndpoints\": 116\n            \t}\n        \t}\n    \t}\n\t],\n\t\"offset\": 724454\n} "}],"_postman_id":"92577a18-2e32-4141-bd65-b368d484b0bc"},{"name":"Close incident","event":[{"listen":"prerequest","script":{"exec":["//this script removes comments in raw json data\r","var rawData = pm.request.body.raw\r","var strippedData = rawData.replace(/\\\\\"|\"(?:\\\\\"|[^\"])*\"|(\\/\\/.*|\\/\\*[\\s\\S]*?\\*\\/)/g, (m, g) => g ? \"\" : m)\r","console.info(strippedData)\r","pm.request.body.raw = strippedData"],"type":"text/javascript","id":"3f9ad528-1b74-4c07-b6ca-b97cbbe090f9"}}],"id":"92efadae-8a76-4852-a306-29b9caca655b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"comment\": \"\" //REQUIRED comment to be added in the Incident log. Example:\"Internal penetration tests\"\r\n}","options":{"raw":{"language":"json"}}},"url":"https://defender.lumu.io/api/incidents/{{ncident-uuid}/close?key=","description":"<div class=\"click-to-expand-wrapper is-table-wrapper\"><table>\n<thead>\n<tr>\n<th><code>{incident-uuid}</code></th>\n<th>uuid of the specific incident</th>\n</tr>\n</thead>\n<tbody>\n</tbody>\n</table>\n</div><blockquote>\n<p>To associate a specific user to this transaction, include the header <code>Lumu-User-Id</code> with the user id as a value. <a href=\"#user-identification-considerations\">Read more</a>.</p>\n</blockquote>\n","urlObject":{"protocol":"https","path":["api","incidents","{{ncident-uuid}","close"],"host":["defender","lumu","io"],"query":[{"description":{"content":"<p>Your company's unique API key available at the <a href=\"#access-and-authentication\">Lumu Portal</a></p>\n","type":"text/plain"},"key":"key","value":""}],"variable":[]}},"response":[{"id":"bbb95671-e95c-4320-a3fb-5386cad530e1","name":"Close incident","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n   \"comment\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":{"raw":"https://defender.lumu.io/api/incidents/d3f41000-af3f-11eb-84b5-75a575634188/close?key=56a0fc30-a6de-85eb-8249-a117f0a9f8g3","protocol":"https","host":["defender","lumu","io"],"path":["api","incidents","d3f41000-af3f-11eb-84b5-75a575634188","close"],"query":[{"key":"key","value":"56a0fc30-a6de-85eb-8249-a117f0a9f8g3"}]}},"status":"- Sucess","code":200,"_postman_previewlanguage":"Text","header":[],"cookie":[],"responseTime":null,"body":""}],"_postman_id":"92efadae-8a76-4852-a306-29b9caca655b"}],"id":"8b10120b-3230-4b56-b5a0-9fd6af66c108","description":"<p>This endpoint has been deprecated and it will be out of commission in the future. You can still use this endpoint if needed; however, we strongly recommend migrating to the new /secops/incidents endpoint. By migrating to this endpoint you can leverage enriched incident metadata for our existing incidents as well as all our newly introduced incident detections (Login Brute Force, Network Brute Force, Unusual Login, etc.)</p>\n<p>The <code>/incidents</code> endpoints contain information about incidents of the company. Lumu groups all occurrences of contacts to malicious infrastructure by adversary and presents them consolidated in the form of incidents.</p>\n<blockquote>\n<p>For getting started with Incidents, consult our documentation / Support. </p>\n</blockquote>\n<h2 id=\"general-considerations\">General considerations</h2>\n<p>The set of incident status (<code>status</code>) and incident types (<code>incident-types</code>) can vary, therefore, any implementation using endpoints that receive those as query data should consider variations. These are the current values for these parameters:</p>\n<ul>\n<li><p>statu: <code>\"open\", \"muted\", \"closed\"</code>.</p>\n</li>\n<li><p>incident-types: <code>\"C2C\", \"Malware\", \"DGA\", \"Mining\", \"Spam\", \"Phishing\"</code></p>\n</li>\n</ul>\n<h2 id=\"subscribe-to-incidents-websocket\">Subscribe to Incidents (Websocket)</h2>\n<p>Lumu provides a streaming endpoint to subscribe to real-time updates on incident operations. Establishing a connection to the streaming API means making a very long-lived HTTP request, and parsing the response incrementally.</p>\n<blockquote>\n<p>For details on API stream, consult <a href=\"https://docs.lumu.io/portal/en/kb/articles/core-concepts-api#Subscribe_to_Incidents_Websocket\">our documentation</a>. </p>\n</blockquote>\n<h2 id=\"user-identification-considerations\">User identification considerations</h2>\n<p>To associate a specific user to POST API transactions (mark as read, mute, unmute and close), you should include the header <code>Lumu-User-Id</code> with the user id as a value.</p>\n<blockquote>\n<p>Example: <code>Lumu-User-Id: 2</code>. This parameter is optional and when not included, the action taken will not be associated to any user. For example, if we set in the query header the id 2, that corresponds to the user “Integration user”, the incident log will look like the following image: </p>\n</blockquote>\n<img src=\"https://desk.zoho.com/DocsDisplay?zgId=694632768&amp;mode=inline&amp;blockId=k87ha7ea9d04f62374c70ad0263583d0b0ecb\" />","event":[{"listen":"prerequest","script":{"type":"text/javascript","exec":[""],"id":"8552124a-4f36-48cb-acda-488a7fcc9610"}},{"listen":"test","script":{"type":"text/javascript","exec":[""],"id":"5e7edf08-b8f5-4b25-ab56-51e932759409"}}],"_postman_id":"8b10120b-3230-4b56-b5a0-9fd6af66c108"}],"event":[{"listen":"prerequest","script":{"type":"text/javascript","exec":[""],"id":"d6560bf3-7995-4c6a-a2eb-0ae998effd40"}},{"listen":"test","script":{"type":"text/javascript","exec":[""],"id":"ffe162f1-c1d0-46bc-9f20-fc7ed1c5d630"}}],"variable":[{"id":"621689f6-468a-46e7-847c-f3cb466a7ca3","key":"company-key","value":""}]}