1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
DPI Packets (TCP): 10 (5.00 pkts/flow)
DPI Packets (UDP): 20 (1.00 pkts/flow)
Confidence Unknown : 1 (flows)
Confidence DPI : 21 (flows)
Num dissector calls: 54 (2.45 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/3/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/1/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 40/0 (search/found)
Patricia risk mask IPv6: 2/0 (search/found)
Patricia risk: 3/0 (search/found)
Patricia risk IPv6: 1/0 (search/found)
Patricia protocols: 42/0 (search/found)
Patricia protocols IPv6: 2/0 (search/found)
Unknown 1 78 1
Syslog 93 20321 21
Acceptable 93 20321 21
Unrated 1 78 1
1 UDP [2001:470:6c:a1::2]:38159 -> [2001:470:765b::b15:22]:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][6 pkts/2994 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][12.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 15/0 2400/0 7985/0 3185/0][Pkt Len c2s/s2c min/avg/max/stddev: 480/0 499/0 537/0 27/0][PLAIN TEXT ( NetScreen device)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 172.20.51.54:514 -> 172.31.110.40:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][15 pkts/2925 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][22.45 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 8/0 1495/0 5398/0 2274/0][Pkt Len c2s/s2c min/avg/max/stddev: 150/0 195/0 234/0 34/0][PLAIN TEXT (854 08/20/2013)][Plen Bins: 0,0,0,20,40,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 172.26.229.190:514 -> 172.23.80.196:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][20 pkts/2084 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][31.18 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 14/0 1731/0 15022/0 4686/0][Pkt Len c2s/s2c min/avg/max/stddev: 99/0 104/0 112/0 6/0][PLAIN TEXT ( Connection from UDP)][Plen Bins: 0,60,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 195.120.165.134:514 -> 83.235.169.221:11000 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][4 pkts/1954 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][1.03 sec][PLAIN TEXT (1 2022)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 10.94.80.60:39438 -> 10.94.150.22:514 [VLAN: 2005][proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][1 pkts/1316 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (Mar 9 04)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
6 UDP 192.168.126.102:57166 -> 172.19.177.230:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][4 pkts/1157 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][26.59 sec][PLAIN TEXT (syslog@9 s)][Plen Bins: 0,0,0,0,0,0,0,75,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.186.117.194:49948 -> 169.46.82.162:52173 [VLAN: 1506][proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: System/18][10 pkts/932 bytes -> 0 pkts/0 bytes][Goodput ratio: 15/0][196.31 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 520/0 21812/0 184780/0 57626/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 93/0 206/0 38/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **** Probing attempt **][Risk Score: 110][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][PLAIN TEXT (1 2021)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 10.22.179.215:57166 -> 172.26.54.76:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][5 pkts/852 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][35.05 sec][PLAIN TEXT (syslog@9 s)][Plen Bins: 0,0,0,40,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 10.11.105.154:20627 -> 10.6.15.11:514 [VLAN: 408][proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][1 pkts/761 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][PLAIN TEXT (09 time)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 10.94.232.21:57374 -> 10.94.150.21:514 [VLAN: 2005][proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][5 pkts/740 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][PLAIN TEXT (Mar 9 04)][Plen Bins: 0,0,40,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 10.224.43.149:57166 -> 172.23.243.89:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][3 pkts/736 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][5.49 sec][PLAIN TEXT (facility)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 95.136.242.54:514 -> 93.20.126.110:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][1 pkts/703 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][PLAIN TEXT (Jan 01 00)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.121.10:50080 -> 192.168.120.10:514 [VLAN: 121][proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][4 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][150.90 sec][PLAIN TEXT ( Mar 3 19)][Plen Bins: 0,0,25,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.45.162:57166 -> 10.208.120.95:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][2 pkts/499 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][0.99 sec][PLAIN TEXT (facility)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.121.2:50352 -> 192.168.120.10:514 [VLAN: 121][proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][2 pkts/385 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][0.00 sec][PLAIN TEXT ( Mar 3 20)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 95.136.242.54:514 -> 93.20.126.48:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][PLAIN TEXT (Jan 01 00)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.67.241:62679 -> 10.193.53.6:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][2 pkts/292 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (Sep 22 13)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 172.21.251.36:62679 -> 172.19.196.11:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][2 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][0.99 sec][PLAIN TEXT (Sep 22 13)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.72.140:62679 -> 192.168.178.148:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][2 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][1.04 sec][PLAIN TEXT (Sep 22 13)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 10.251.23.139:59194 -> 62.39.3.142:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][2 pkts/236 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][48.30 sec][PLAIN TEXT (Jan 2 10)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.254.157:49611 -> 196.240.66.148:514 [proto: 17/Syslog][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (00 10.126.20.68 Log)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 TCP 169.46.82.162:52173 -> 10.186.117.194:49948 [VLAN: 1906][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No client to server traffic / TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|