# log SOP 撈SOC log SOP SOC teams detect AIE: Indosat: Network Anomaly: From Threat List Attack IP with Common Events Traffic Allowed by Network Firewall. This traffic comes from Host (Origin) 192.53.173.38 to Destination Host (Impacted) 10.34.209.213 with TCP/UDP Port 443. 1. ssh 到 該機器ex: 10.34.209.213 2. cd /opt/nginx/log 3. grep "<攻擊者IP>" -R ./ ex:192.53.173.38