{
  "alertTime": "2026-02-02T11:07:12Z",
  "hostname": "LNX-WEB-03",
  "username": "m.ali",
  "alertType": "Suspicious PowerShell EncodedCommand",
  "severity": "high",
  "network": {
    "destinationIp": "198.51.100.212",
    "destinationPort": 80
  },
  "process": {
    "name": "powershell.exe",
    "path": "C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe"
  }
}