(Image:\/grep OR Image:\/egrep) (CommandLine:nessusd* OR CommandLine:td\-agent* OR CommandLine:packetbeat* OR CommandLine:filebeat* OR CommandLine:auditbeat* OR CommandLine:osqueryd* OR CommandLine:cbagentd* OR CommandLine:falcond*)