Today our Cisco SPA lost registration and after a reboot its fine, thought i would have a look to see what the error is but our log is filled up with this repeating itself
Looks like somebody has or attempting to get in to my PBX
[2017-05-26 17:59:01] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T17:59:01.957+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb4a98e58”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60068”,UsingPassword=“0”,SessionTV=“2017-05-26T17:59:01.957+0100”
[2017-05-26 17:59:01] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T17:59:01.977+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb47a3390”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60076”,UsingPassword=“0”,SessionTV=“2017-05-26T17:59:01.977+0100”
[2017-05-26 17:59:01] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T17:59:01.983+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb466f000”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60080”,UsingPassword=“0”,SessionTV=“2017-05-26T17:59:01.983+0100”
[2017-05-26 17:59:03] VERBOSE[3882] asterisk.c: Remote UNIX connection
[2017-05-26 17:59:03] VERBOSE[6781] asterisk.c: Remote UNIX connection disconnected
[2017-05-26 17:59:03] VERBOSE[3882] asterisk.c: Remote UNIX connection
[2017-05-26 17:59:03] VERBOSE[6783] asterisk.c: Remote UNIX connection disconnected
[2017-05-26 17:59:03] VERBOSE[3882] asterisk.c: Remote UNIX connection
[2017-05-26 17:59:03] VERBOSE[6785] asterisk.c: Remote UNIX connection disconnected
[2017-05-26 17:59:22] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T17:59:22.643+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb47eac90”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60084”,UsingPassword=“0”,SessionTV=“2017-05-26T17:59:22.643+0100”
[2017-05-26 17:59:58] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T17:59:58.564+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb47eac90”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60088”,UsingPassword=“0”,SessionTV=“2017-05-26T17:59:58.564+0100”
[2017-05-26 18:00:01] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T18:00:01.825+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb47eac90”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60092”,UsingPassword=“0”,SessionTV=“2017-05-26T18:00:01.825+0100”
[2017-05-26 18:00:01] SECURITY[4330] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2017-05-26T18:00:01.905+0100”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0xb4a98e58”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/60096”,UsingPassword=“0”,SessionTV=“2017-05-26T18:00:01.905+0100”