File Create

This event is generated when a new file is being created at .data.path.

{
  "data": {
    "ancestors": "/usr/lib/systemd/systemd|/usr/bin/login|/usr/bin/zsh|/usr/bin/bash|/usr/bin/xinit|/usr/bin/i3|/usr/bin/bash|/usr/bin/urxvt|/usr/bin/zsh|/usr/bin/bash",
    "command_line": "mktemp --suffix _kunai_test.sh",
    "exe": {
      "path": "/usr/bin/mktemp"
    },
    "path": "/tmp/tmp.TJcKMJp5AQ_kunai_test.sh"
  },
  "info": {
    "host": "...",
    "event": {
      "source": "kunai",
      "id": 88,
      "name": "file_create",
      "uuid": "a200df19-173d-9f25-3816-a59d454dbf47",
      "batch": 557
    },
    "task": "...",
    "parent_task": "...",
    "utc_time": "2024-11-28T14:37:45.584447666Z"
  }
}