The Systemd data contains all attributes about a systemd unit or user session that were flagged by Sandfly Security or a user defined sandfly for whatever reason.
Systemd Unit Data
{
"context": {
"scope": "",
"uid": 0
},
"type": "",
"name": "",
"description": "",
"load_state": "",
"active_state": "",
"sub_state": "",
"object_path": "",
"service_info": {
"exec_start": null,
"exec_start_pre": null,
"exec_start_post": null,
"exec_reload": null,
"exec_stop": null,
"exec_stop_post": null,
"environment": null,
"main_exec_start_time": "0001-01-01T00:00:00Z",
"main_exec_exit_time": "0001-01-01T00:00:00Z",
"main_pid": {
"pid": 0,
"process": null
},
"control_pid": {
"pid": 0,
"process": null
},
"status_text": "",
"uid": 0,
"gid": 0
},
"timer_info": {
"last_trigger_time": "0001-01-01T00:00:00Z",
"calendar": null,
"unit": ""
},
"socket_info": {
"listen": null,
"num_connections": 0,
"num_accepted": 0,
"num_refused": 0,
"unit": ""
}
}Systemd User Session Data
{
"uid": 0,
"gid": 0,
"username": "",
"runtime_path": "",
"start_time": "0001-01-01T00:00:00Z",
"linger": false
} | Previous Article: | Next Article: |  |